urlscan.io logo urlscan.io
SecurityTrails logo

employeeloginportals.com Open in urlscan Pro
68.183.21.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://allportalhelp.com/
Effective URL: https://employeeloginportals.com/
Submission: On November 12 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 8 countries across 40 domains to perform 342 HTTP transactions. The main IP is 68.183.21.49, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is employeeloginportals.com.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.
This is the only time employeeloginportals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 43.230.201.8 132335 (NETWORK-L...)
23 68.183.21.49 14061 (DIGITALOC...)
8 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.37 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
1 26 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
2 64.233.166.157 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 23.213.165.236 16625 (AKAMAI-AS)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
14 216.58.206.34 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.230 15169 (GOOGLE)
21 47 142.250.74.194 15169 (GOOGLE)
1 2001:678:cb4:... ()
6 14 104.18.36.155 13335 (CLOUDFLAR...)
6 10 185.89.210.90 29990 (ASN-APPNEX)
5 35.244.159.8 396982 (GOOGLE-CL...)
2 6 23.35.237.56 16625 (AKAMAI-AS)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 3.33.220.150 16509 (AMAZON-02)
2 2 23.192.153.172 16625 (AKAMAI-AS)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
4 3.69.104.214 16509 (AMAZON-02)
7 7 37.157.5.84 198622 (ADFORM)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... ()
3 6 2001:678:cb4:... ()
3 3 151.101.130.49 ()
1 1 35.186.193.173 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
4 178.250.1.9 44788 (ASN-CRITE...)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 2620:116:800d... ()
2 4 2606:4700::68... ()
2 2 35.204.158.49 ()
1 1 3.123.104.22 ()
1 1 51.89.9.253 ()
3 130.211.44.5 ()
1 2600:9000:249... ()
2 52.212.149.111 ()
342 42
1    43.230.201.8 (Panvel, India)

ASN132335 (NETWORK-LEAPSWITCH-IN LeapSwitch Networks Pvt Ltd, IN)
allportalhelp.com
23    68.183.21.49 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
employeeloginportals.com
8    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
46    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2400:52e0:1a01::852:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)
images.dmca.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
26    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
45    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
16    2607:f8b0:4008:813::2003 (Bradenton, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    64.233.166.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net
bid.g.doubleclick.net
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    23.213.165.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-236.deploy.static.akamaitechnologies.com
svastx.moatads.com
obo.moatads.com
4    2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
6    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads4.g.doubleclick.net
25    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
47    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    2001:678:cb4:bbbb::13 (None, )

ASN- ()
d.turn.com
14    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
10    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
6    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    23.192.153.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    2a05:d018:d29:3601:af70:5903:a54a:226c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    3.69.104.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:4009:34::6 (None, )

ASN- ()
r1---sn-aigzrn7d.c.2mdn.net
6    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
r.turn.com
3    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (None, )

ASN- ()
cms.quantserve.com
4    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    35.204.158.49 (None, )

ASN- ()
um.simpli.fi
1    3.123.104.22 (None, )

ASN- ()
d.agkn.com
1    51.89.9.253 (None, )

ASN- ()
onetag-sys.com
3    130.211.44.5 (None, )

ASN- ()
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
tps.doubleverify.com
1    2600:9000:2490:2600:19:8ca6:3640:93a1 (None, )

ASN- ()
cdn.pathtosuccess.global
2    52.212.149.111 (None, )

ASN- ()
on-device.com
Apex Domain
Subdomains		 Transfer
91 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
457 KB
91 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com Failed
807 KB
31 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r1---sn-aigzrn7d.c.2mdn.net
2 MB
25 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
90 KB
23 employeeloginportals.com
employeeloginportals.com
125 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
6 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
275 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
8 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
5 KB
7 turn.com
d.turn.com
ad.turn.com
r.turn.com
3 KB
7 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
tps.doubleverify.com
126 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
441 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
1 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 522
719 B
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
581 B
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
593 B
4 moatads.com
svastx.moatads.com — Cisco Umbrella Rank: 3235
obo.moatads.com
14 KB
3 everesttech.net
sync-tm.everesttech.net
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 wp.com
c0.wp.com — Cisco Umbrella Rank: 8386
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
32 KB
2 on-device.com
on-device.com
609 B
2 simpli.fi
um.simpli.fi
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
573 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
921 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2101
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
207 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
145 KB
1 pathtosuccess.global
cdn.pathtosuccess.global
1 onetag-sys.com
onetag-sys.com
388 B
1 agkn.com
d.agkn.com
731 B
1 quantserve.com
cms.quantserve.com
463 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
614 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
718 B
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14674
4 KB
1 allportalhelp.com
allportalhelp.com
237 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 atdmt.com Failed
ad.atdmt.com Failed
342 40
Domain Requested by
47 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
employeeloginportals.com
46 pagead2.googlesyndication.com employeeloginportals.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
imasdk.googleapis.com
45 tpc.googlesyndication.com googleads.g.doubleclick.net
employeeloginportals.com
tpc.googlesyndication.com
imasdk.googleapis.com
26 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
employeeloginportals.com
25 s0.2mdn.net googleads.g.doubleclick.net
employeeloginportals.com
s0.2mdn.net
23 employeeloginportals.com employeeloginportals.com
16 csi.gstatic.com imasdk.googleapis.com
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
14 googleads4.g.doubleclick.net googleads.g.doubleclick.net
employeeloginportals.com
10 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
8 fonts.googleapis.com employeeloginportals.com
googleads.g.doubleclick.net
s0.2mdn.net
7 c1.adform.net 7 redirects
7 www.googletagservices.com googleads.g.doubleclick.net
6 sync.teads.tv 2 redirects googleads.g.doubleclick.net
6 www.google.com googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
5 us-u.openx.net googleads.g.doubleclick.net
employeeloginportals.com
5 imasdk.googleapis.com googleads.g.doubleclick.net
employeeloginportals.com
4 dis.criteo.com googleads.g.doubleclick.net
4 r1---sn-aigzrn7d.c.2mdn.net employeeloginportals.com
4 x.bidswitch.net googleads.g.doubleclick.net
4 match.adsrvr.org googleads.g.doubleclick.net
4 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
s0.2mdn.net
employeeloginportals.com
3 sync-tm.everesttech.net 3 redirects
3 r.turn.com googleads.g.doubleclick.net
3 ad.turn.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
2 obo.moatads.com employeeloginportals.com
2 on-device.com employeeloginportals.com
imasdk.googleapis.com
2 um.simpli.fi 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
2 a.tribalfusion.com 2 redirects googleads.g.doubleclick.net
2 tr.blismedia.com 1 redirects googleads.g.doubleclick.net
2 id.rlcdn.com 2 redirects
2 gcdn.2mdn.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 ad.doubleclick.net imasdk.googleapis.com
2 svastx.moatads.com imasdk.googleapis.com
2 bid.g.doubleclick.net imasdk.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com employeeloginportals.com
www.googletagmanager.com
1 tps.doubleverify.com cdn.doubleverify.com
1 cdn.pathtosuccess.global googleads.g.doubleclick.net
1 rtbc-ew1.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 onetag-sys.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ipac.ctnsnet.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 d.turn.com googleads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 images.dmca.com employeeloginportals.com
1 pixel.wp.com employeeloginportals.com
1 stats.wp.com employeeloginportals.com
1 c0.wp.com employeeloginportals.com
1 allportalhelp.com 1 redirects
0 ade.googlesyndication.com Failed employeeloginportals.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
0 ad.atdmt.com Failed googleads.g.doubleclick.net
342 61

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
Subject Issuer Validity Valid
employeeloginportals.com
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
images.dmca.com
R3		 2023-10-26 -
2024-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
cdn.pathtosuccess.global
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-18		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.on-device.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-21 -
2024-04-19		 a year crt.sh

This page contains 40 frames:

Primary Page: https://employeeloginportals.com/
Frame ID: 2E075E450985D163EE3518DE47A64D9B
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 76C1C61CC1921385B8B0429E2005D218
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&adk=1812271804&adf=3025194257&lmt=1699598363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779531&bpp=4&bdt=671&idt=370&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7978397381970&frm=20&pv=2&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=388
Frame ID: AA2B565A3FBAF5700EA7E009B8EBCA6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Frame ID: 72A991A21FFD62697674F305E801A74F
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Frame ID: 023B8E2CAD991D9655EB28A2DC159880
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Frame ID: E4E63C811D31EE3479166007DCF2125B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Frame ID: 979F0B22D002FC75B381025793E8A587
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Frame ID: 41CE389858551A1E4C9ED6091001F58A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Frame ID: 1315CE78C997BB238301DF822EF83EF1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Frame ID: CE7D5AABD983A6F8BCA4ED6494E4AA3B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4C96B0CFF0362679C5A1F5159DB168B0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A21FF95D72296E16B3646AF1EC2BAC11
Requests: 36 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: A4598A161DA2248A50127F1AABB3E7C3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 16ACCD5B7DBEB4438A6116E7365BD4C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLwBEOSj38QDGN3Q0foBMAE&v=APEucNUQK5KdNPlySJxDyO6-jsS_xBmLdQauKCOc7tjt9myl6GfBmYNAhKuPdlw-aqGm_HAiAOfJUXjcvXmWXRdLvMAgueZ6EF2ECEsdhToMvDn1DCF55D9saJa04sYzEpytXW80D0srbSLOPVbezITkP1WwLek41EprtZViz4psXmYYcYVoLtQ
Frame ID: 34EE2D919519130A7ADE835D917B0263
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A067D278654732244E57A77AB05ABA24
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Frame ID: D64C3935D3BF120BD65CD0ACD8CE83D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DEA0FF66A7DEBD3AF5C159EA41CB96C2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Frame ID: D7FBF331DF1C51FF11BF0AFA7BA515F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Frame ID: D986724EF07B2D2C9DE6C6FD88319C63
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D3F036E17B206BDBE42377E821A6458
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EC332B66FF9626C5ED6ED1A98F8C418
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1CD04D1A486E62245BB0A2D998328820
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Frame ID: F35E86BF1EAF02B53657B54DDEEFF4B9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E7A2B6AE11EE2260C5D7CE0825C53335
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA1E8788B5EC9CD281EF9BB1E5CA4DEE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E6E2AA6D1D582D67BB96F6A7A0C6002C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Frame ID: C2C28E3BEA3AAA3783A71BEE253CC6B0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Frame ID: 946FF408282FC240F6CBCDC2368FEA32
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 19B1B5C83E73365D629E35A05D92CF5F
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB4B73A1667F53251884CDC67B57F224
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6356557E48B2856D43C417D7CCF64192
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Frame ID: 850C149BE04BD3ABC80288EEBC815F6E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 423E854F2F3ED3D1B5FD26600D94ADDE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D45B9634164D4DA1739E23EA4512EE58
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Frame ID: 5B8C52FF99DF9B3BF885F6ADB41CED47
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6C670F85B39C314358D584BE37336711
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1151163A3561C97836E9330C6D9C310F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4884.js
Frame ID: F71C8161C0D1471FB16489236C730F0D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F46D07DDFE7481621AA105F4042F3D2D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Employee Login Portal Guides

Page URL History Show full URLs

  1. http://allportalhelp.com/ HTTP 301
    https://employeeloginportals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

342
Requests

83 %
HTTPS

48 %
IPv6

40
Domains

61
Subdomains

42
IPs

8
Countries

4895 kB
Transfer

10236 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://allportalhelp.com/ HTTP 301
    https://employeeloginportals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEH7uNBk7Yt0iwPa-qN-547A&google_cver=1
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOffuqh1l1hpUYUfYD8oZb0&google_cver=1
Request Chain 141
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELmUBjXcEGS0R9w7DnhF6tE&google_cver=1
Request Chain 143
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxfkXSJsiJalRxbIarip2I&google_cver=1
Request Chain 170
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAtUj3HyRiidDXd5rjg4vGE&google_cver=1
Request Chain 172
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELfPB-uN45iaFzL92cT4gR8&google_cver=1
Request Chain 179
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJqx1b2eDg8V4eM6X21vc7LYuZZYoExzT-N-&google_gid=CAESEDkwm7lH5lrj6Fpu31v93lI&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJqx1b2eDg8V4eM6X21vc7LYuZZYoExzT-N-&google_gid=CAESEDkwm7lH5lrj6Fpu31v93lI&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMTIxNzIzMDMwMDA3MzA3MjQ5MDExNw%3D%3D&google_push=AXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJqx1b2eDg8V4eM6X21vc7LYuZZYoExzT-N-
Request Chain 180
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJTsvlIl1sSO2Ch-r5mcf1M&google_cver=1&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7XGhbPdkxqN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7XGhbPdkxqN&google_hm=eS1fODFQMkM5RTJwR2FZZ1JUWEVsekh4RnVnRGRZdE40Yn5B
Request Chain 182
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHdctPb_yB56ODG0r39R1sA&google_cver=1&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLXO7Jqsv5H5oYFvV2P0PHV4BEI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHdctPb_yB56ODG0r39R1sA&google_cver=1&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLXO7Jqsv5H5oYFvV2P0PHV4BEI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDcwMDkyMjkxMDMwNTYyNQ&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLXO7Jqsv5H5oYFvV2P0PHV4BEI
Request Chain 194
  • https://gcdn.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/83C9F7AC28C3CDB1C17E76460EF51EFF5037FD85.2F0FB3E4AF26B277E9D6F9D316D58D390F8A96F3/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/034CD48C639B64803666B208F97CD39AF9902C64.762B46C76E6C4479F7404E84F476B797CB97DAFF/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809637/mv/m/mvi/1/pl/48/file/file.mp4
Request Chain 199
  • https://gcdn.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/83C9F7AC28C3CDB1C17E76460EF51EFF5037FD85.2F0FB3E4AF26B277E9D6F9D316D58D390F8A96F3/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/22608D61CDDEF25F03735E409610684022E6E2D7.29D8F01165B12FB4982E32CDD0F91BC1D549EC23/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809411/mv/m/mvi/1/pl/48/file/file.mp4
Request Chain 201
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDh4GvWVwMsRIrIMs57cRko&google_cver=1&google_push=AXcoOmTG-uDUfDZXVIFBSiRaUyvxUhOOHrhKJ0xra04vgtqVw0XHqGIQyWGYZxpak8Tv5FgHJiV2cT_GcxsQrpu8i1ocBAK2SgbQZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyNTE2NTI5NjgzNTIzNTg4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEXacHXxkxLHQQtxbabLQsw&google_cver=1&google_push=AXcoOmTMUHJK5gJTDQ-L4728FAvBv5fpXt8qnXTrlLfQNtU2AAIQOl1G3UBR55xWsYe7LCa0I4YPjTJTS9iOZKJbS5K31jYy18QNv3o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEXacHXxkxLHQQtxbabLQsw&google_push=AXcoOmTMUHJK5gJTDQ-L4728FAvBv5fpXt8qnXTrlLfQNtU2AAIQOl1G3UBR55xWsYe7LCa0I4YPjTJTS9iOZKJbS5K31jYy18QNv3o
Request Chain 203
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECKWuur8zkSQGxCRjIvt0f4&google_cver=1&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJwYYjdVul4sr-0F31g0UOdPcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJwYYjdVul4sr-0F31g0UOdPcU&google_hm=XK7MlveDQJeJfQFf0sBT2mg
Request Chain 204
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTgv19B36kuzibVBnqHE2ghQBJSHt34RqguzcMSDDw0tvEyWxCHtES5p2VtjJu0Bv5BL0Hokta3RS9oOoBsmtCCPKzsUrCxTg&google_gid=CAESEAlEgW97ZThwCMgzqPPmqhs&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPeTxKoGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWGNvT21UZ3YxOUIzNmt1emliVkJucUhFMmdoUUJKU0h0MzRScWd1emNNU0REdzB0dkV5V3hDSHRFUzVwMlZ0akp1MEJ2NUJMMEhva3RhM1JTOW9Pb0JzbXRDQ1BLenNVckN4VGc HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTFF3Ukd4VDVfX3RHUHJOSkZlWlpsU0NubUR4RmY4bEJCN2NCMzF3OVI5WQ==&google_push
Request Chain 207
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENpVh8_Au_TzBpqMpqG4ZAU&google_cver=1&google_push=AXcoOmQR4YP_xXUbN2LjuaJm4b5zVOTZ533K5n4OtBNFjoh-x-BepzXbN9xSZSeFXtVHQaIDZ34ClKp8QoCvWmQENyN9R-aoNE-0kjk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQR4YP_xXUbN2LjuaJm4b5zVOTZ533K5n4OtBNFjoh-x-BepzXbN9xSZSeFXtVHQaIDZ34ClKp8QoCvWmQENyN9R-aoNE-0kjk HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 210
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDYs_dyCM2FmSaHEkl72QS4&google_cver=1&google_push=AXcoOmT_5ZOSbiJrPW-MmOR_TBqwAbjh9D-dok6YW_F-5dlXmVPNBBU32XT7gP10vmy3RNTNxU4xkeXy6_V_K6u02vKbDqxg3JSDGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDYs_dyCM2FmSaHEkl72QS4&google_push=AXcoOmT_5ZOSbiJrPW-MmOR_TBqwAbjh9D-dok6YW_F-5dlXmVPNBBU32XT7gP10vmy3RNTNxU4xkeXy6_V_K6u02vKbDqxg3JSDGA
Request Chain 214
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBzpU8n96abHzH3yzte1BEHJA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBzpU8n96abHzH3yzte1BEHJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBzpU8n96abHzH3yzte1BEHJA
Request Chain 216
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQFkNUHc7_eUM7NkW4WUDnxpg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQFkNUHc7_eUM7NkW4WUDnxpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgxMjM2NzE1MDMzMjgzNDAzNg&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQFkNUHc7_eUM7NkW4WUDnxpg
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Request Chain 244
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBh5JbkVRJq82GoyLxGM25Y&google_cver=1&google_push=AXcoOmTS3DlDJz0Ah8edEVhlBHOs9S1kSVrjPjvu2oPbi65XrUwl37L6jcDE22HmWHWoXItn0IH-E684UmL2eTQH-m-zT9P437FgAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU5NzIyMjg5MDg3MzE2MzgyMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Request Chain 246
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEI-owFBKNII7GSorIpu_-8I&google_cver=1&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW35n0Vh6aey0xSY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1DCA0E3E62DC4DF08A7134F72E276ADC&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW35n0Vh6aey0xSY
Request Chain 248
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKg_fvzjFxm7eRPFDP0JKRI&google_cver=1&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w&google_hm=Q0FFU0VLZ19mdnpqRnhtN2VSUEZEUDBKS1JJ
Request Chain 250
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMmwg3X6vP1NZ4v_UFtSCsQ&google_cver=1&google_push=AXcoOmTiW1pgdY3q_ZbX2KpaKeO65q0ITCj_AH8HnXuKqVizX_lViH5E4o2mzzhaTbtAM7pviJhEMpJvnkJY_GjkZv_SDwvEL-pa7-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTiW1pgdY3q_ZbX2KpaKeO65q0ITCj_AH8HnXuKqVizX_lViH5E4o2mzzhaTbtAM7pviJhEMpJvnkJY_GjkZv_SDwvEL-pa7-g HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Request Chain 268
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1&google_push=AXcoOmR_wOcDp65u17D8SUlQ2H4kVTN7ivvYtb-7j5ddWivdfxUolL9lvAe7gcXoPGYuHVqaKM0tR6BJWorWmaYy2uwg9vrJ9uwwRc0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4MTA1MDEwODc1OTM4MDAxNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Request Chain 269
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI-wKUJPbXYijVHPP37H0JY&google_cver=1&google_push=AXcoOmTCqsO1EdzCvAPVi1oCL2akGZRVdnTlelYH-8CDZQjM3Mj8en2F9q-KA9q-a4-jRbiAfQQTDcdUkxLamkVwGPPlmaS_JmtTDaY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZFSjl3QURScnlRWWdBVQ==&google_gid=CAESEI-wKUJPbXYijVHPP37H0JY&google_cver=1&google_push=AXcoOmTCqsO1EdzCvAPVi1oCL2akGZRVdnTlelYH-8CDZQjM3Mj8en2F9q-KA9q-a4-jRbiAfQQTDcdUkxLamkVwGPPlmaS_JmtTDaY
Request Chain 271
  • https://um.simpli.fi/gp_match?google_gid=CAESEHTqtlkvOWPTvghXY2k2sTM&google_cver=1&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI8K1pAYhydeDt3BFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42BFC68BC0A9498F9B0D1825E3CCE57B&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI8K1pAYhydeDt3BFw
Request Chain 274
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELiyymXJUsi7hkUFsvOd-NA&google_cver=1&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx89D0OAxXG-zJ_qybf6oY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx89D0OAxXG-zJ_qybf6oY
Request Chain 325
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK2V2p4DGJfC-vMBIAEwAQ&v=APEucNUCdww7CneEi-1MEew1ecuLDt7jwR9NqVSSFFWenvPsjVkzEg6AJXsF7WNFHCOwPb6tQnGU0EbI8xRt6uRiraT-G4aPZQ HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Request Chain 347
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH0TtQxXESrPDxtqjvfLnsw&google_cver=1&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-YI7ArVoJFAw_jZ0gw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-YI7ArVoJFAw_jZ0gw&google_hm=hmVRCfevQ37ztsnUeA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D655109F7AF437EF3B6C9D478BLIS
Request Chain 348
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENIp1yOPOQr9_BXFqgBgpCY&google_cver=1&google_push=AXcoOmS1BWyVk-I9BB4_Xnrw6zpCusm2WiAolzxcSC3qpuLMuw3nCms94VGIIJjFyPBzC_ul4A0fKLZL3roDS6CSmuHxSOo6G9fv7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1BWyVk-I9BB4_Xnrw6zpCusm2WiAolzxcSC3qpuLMuw3nCms94VGIIJjFyPBzC_ul4A0fKLZL3roDS6CSmuHxSOo6G9fv7A&google_hm=eS1fODFQMkM5RTJwR2FZZ1JUWEVsekh4RnVnRGRZdE40Yn5B
Request Chain 350
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDr8rsi5chM3NHU61pWjDZ0&google_cver=1&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5nqTD6zLx6ZJ9nvJScfHlhX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5nqTD6zLx6ZJ9nvJScfHlhX

342 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
employeeloginportals.com/
Redirect Chain
  • http://allportalhelp.com/
  • https://employeeloginportals.com/
121 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
72d1920418b14c93f834f9ecc1564359c6836f5f8dcc806c3334f7dfbbf86965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 17:22:58 GMT
last-modified
Fri, 10 Nov 2023 06:39:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WordOps

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Sun, 12 Nov 2023 17:22:58 GMT
location
https://employeeloginportals.com/
server
LiteSpeed
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arial%7COpen%20Sans&display=swap
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d810a330c0eccc3f3bc2c9f03da33eedc9609200e40c8a381be93c469cde3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 17:22:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:22:59 GMT
style.min.css
employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/css/dist/block-library/style.min.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
c3bf443ee738ca0da96a918a1509c493b4a063d4fdba845574ae26333efc6ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-360c"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
13836
expires
Tue, 12 Dec 2023 17:22:58 GMT
mediaelementplayer-legacy.min.css
employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
bf81cd39db0030faa0e128af3d5195e498bf19958faae75ba5ea16d590eccc10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-a48"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
2632
expires
Tue, 12 Dec 2023 17:22:58 GMT
wp-mediaelement.min.css
employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-484"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
1156
expires
Tue, 12 Dec 2023 17:22:58 GMT
styles.css
employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
88f21490128244f54a38864c301f0c9be49f323f6da36c5f5a6bd02175647ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-373"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
883
expires
Tue, 12 Dec 2023 17:22:58 GMT
secure-copy-content-protection-public.css
employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/secure-copy-content-protection/public/css/ 		954 B
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/secure-copy-content-protection/public/css/secure-copy-content-protection-public.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
e5a6b332ce0e1d7e9ffe36470190a421acd4bd6c6e70cd377a80c19b92cd06d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-197"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
407
expires
Tue, 12 Dec 2023 17:22:58 GMT
screen.min.css
employeeloginportals.com/wp-content/plugins/table-of-contents-plus/ 		1 KB
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:14:03 GMT
server
nginx
etag
W/"653e144b-484"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:58 GMT
main.min.css
employeeloginportals.com/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 31 Aug 2023 03:46:06 GMT
server
nginx
etag
W/"64f00cfe-4c6e"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:58 GMT
featured-images.min.css
employeeloginportals.com/wp-content/plugins/gp-premium/blog/functions/css/ 		3 KB
836 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.2
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 31 Aug 2023 03:44:43 GMT
server
nginx
etag
W/"64f00cab-cdd"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:58 GMT
main.min.css
employeeloginportals.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/main.min.css?ver=2.3.2
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
1b8ea3665c171dfb165266c135c84516e4add691e3ecbf4f03b3272557cb70e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 31 Aug 2023 03:44:43 GMT
server
nginx
etag
W/"64f00cab-1d07"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:58 GMT
main-mobile.min.css
employeeloginportals.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/main-mobile.min.css?ver=2.3.2
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
df88df96f09d9747755aa2b1f44bc857078fe9a8b6807897ed99d366d7271b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 31 Aug 2023 03:44:43 GMT
server
nginx
etag
W/"64f00cab-a23"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:59 GMT
jetpack.css
employeeloginportals.com/wp-content/cache/min/1/p/jetpack/12.7.1/css/ 		98 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/p/jetpack/12.7.1/css/jetpack.css?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
3f0c8b3969f58cc9605c9515e33c5ea1e49b60600be464f0a27846d702bcdd94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-47dd"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
18397
expires
Tue, 12 Dec 2023 17:22:59 GMT
jquery.min.js
c0.wp.com/c/6.3.2/wp-includes/js/jquery/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-nc
HIT lhr 1
date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Mon, 11 Nov 2024 17:22:59 GMT
jquery-migrate.min.js
employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-1306"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
4870
expires
Tue, 12 Dec 2023 17:22:59 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192926347-1
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a850bec7d3e3899fb7cd2c2cc7b4118f5a90525b240a3240dff327d9b5efe02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68784
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Nov 2023 17:22:59 GMT
css
fonts.googleapis.com/ 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito&display=swap
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a53078b0ce8b07b2a7033969301849e5a5035aef1339486be74619b375b9c67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 17:03:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:22:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9340358673009042
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f2757037b0891098cb0e503a5fc5a33b58da2eb8c4cb3d1b78c4d9c8af81223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Origin
https://employeeloginportals.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53168
x-xss-protection
0
server
cafe
etag
14333677085052711692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:22:59 GMT
DMCABadgeHelper.min.js
employeeloginportals.com/wp-content/cache/min/1/Badges/ 		314 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/Badges/DMCABadgeHelper.min.js?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
08b37aca16a892d64ffcdf0714db663160d388dfe6df8920177ef788b5501535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-ee"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
238
expires
Tue, 12 Dec 2023 17:22:59 GMT
index.js
employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
f271360c544394f70c29284d881571e3b69ee6fa4a3a41d81c5a3d074cbeff4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-c6d"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
3181
expires
Tue, 12 Dec 2023 17:22:59 GMT
index.js
employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/index.js?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
4af9dac8fb9b63a0212749b1d6a4466fab62ba560c630c71b378c1fcde550797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-1055"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
4181
expires
Tue, 12 Dec 2023 17:22:59 GMT
frontend.js
employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/link-whisper-premium/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/cache/min/1/wp-content/plugins/link-whisper-premium/js/frontend.js?ver=1698567316
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
bfc74007a5da34364b70616b6ffadd05fa20152073a517793c9bc10634a92e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:15:16 GMT
server
nginx
etag
"653e1494-708"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
1800
expires
Tue, 12 Dec 2023 17:22:59 GMT
front.min.js
employeeloginportals.com/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:14:03 GMT
server
nginx
etag
W/"653e144b-180f"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:59 GMT
menu.min.js
employeeloginportals.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 31 Aug 2023 03:46:06 GMT
server
nginx
etag
W/"64f00cfe-1b3f"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:59 GMT
e-202345.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202345.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-minify-cache
hit
x-nc
HIT lhr
date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684460848292.3706
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 04 Nov 2024 08:28:38 GMT
lazyload.min.js
employeeloginportals.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employeeloginportals.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 08:10:47 GMT
server
nginx
etag
W/"653e1387-22bc"
x-powered-by
WordOps
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Tue, 12 Dec 2023 17:22:59 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
207a26ecddc902a457338bf04b417424694888725642fe55cbda5f5619ed546c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
935916fc24df85645ca123f762cac02f2cc4f04912299553e5846176b75c2e69

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fa4a476ff82236290ed4fdb176ecfb32438dccbf19335035f37dbf6ba4f1dca

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3j6zdXWg.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3j6zdXWg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc450e36554c51b060a3ba51573e0995338c05e3ab60dc20d171c1ad825d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employeeloginportals.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 19:08:27 GMT
x-content-type-options
nosniff
age
252872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16368
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 19:08:27 GMT
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=213844643&post=0&tz=0&srv=employeeloginportals.com&j=1%3A12.7.1&host=employeeloginportals.com&ref=&fcp=1135&rand=0.7421301087249361
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 17:22:59 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Why-Mycsulb-Not-Working-300x175.jpg
employeeloginportals.com/wp-content/uploads/2023/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employeeloginportals.com/wp-content/uploads/2023/10/Why-Mycsulb-Not-Working-300x175.jpg
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
5bf560531b19403fc01c74792ab141006e71e8df4d43271d640af09154318f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 16:22:42 GMT
server
nginx
etag
"653e86d2-1c62"
x-powered-by
WordOps
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7266
expires
Thu, 31 Dec 2037 23:55:55 GMT
Mycsulb-300x175.png
employeeloginportals.com/wp-content/uploads/2023/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employeeloginportals.com/wp-content/uploads/2023/10/Mycsulb-300x175.png
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
e16949ddc6955212354ffc84430f66c0e94fd0963fa98b0bc64286a7d6a74f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 16:06:23 GMT
server
nginx
etag
"653e82ff-4946"
x-powered-by
WordOps
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
18758
expires
Thu, 31 Dec 2037 23:55:55 GMT
Setup-FedEx-Account-For-Employee-Discount-300x175.jpg
employeeloginportals.com/wp-content/uploads/2023/10/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employeeloginportals.com/wp-content/uploads/2023/10/Setup-FedEx-Account-For-Employee-Discount-300x175.jpg
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.21.49 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / WordOps
Resource Hash
30eae664aac82efc26b3c95c4c34396fd7e040bc938952a284f7f0bff39b6081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 27 Oct 2023 16:02:34 GMT
server
nginx
etag
"653bdf1a-199f"
x-powered-by
WordOps
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6559
expires
Thu, 31 Dec 2037 23:55:55 GMT
DMCA_badge_grn_80w.png
images.dmca.com/Badges/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/DMCA_badge_grn_80w.png?ID=6c88b210-5555-4372-b361-6299e8f0aa44
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::852:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-852 / ASP.NET
Resource Hash
4a9b2e73b2962f3ae3ff92475340f6e4153940f9e882c7bb20cb9649557330f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
cdn-edgestorageid
1109
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:48:27
cdn-pullzone
1574055
content-length
3815
last-modified
Thu, 22 Apr 2010 20:02:08 GMT
server
BunnyCDN-LA1-852
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"26f5cb056e2ca1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
2754e9177a06c91fa2d2c4b870069d19
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FWS1JGBEMF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192926347-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eaefda0e11e3d0db2006f032c54bdd35d80efff177eb3c8b45f86150905b4538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79193
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 17:22:59 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192926347-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Nov 2023 15:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5598
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 12 Nov 2023 17:49:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9340358673009042
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8435e0f0f31e208f66007b24d23843a302ccd85e6709d310e05702aa3ae4f265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138532
x-xss-protection
0
server
cafe
etag
18068317283390808899
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:22:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 76C1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9340358673009042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
11693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 14:08:06 GMT
etag
16674218716276178799
expires
Sun, 26 Nov 2023 14:08:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FWS1JGBEMF&gtm=45je3b81v9107664635&_p=1699809779126&gcd=11l1l1l1l1&dma=0&cid=2750680.1699809780&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1699809779&sct=1&seg=0&dl=https%3A%2F%2Femployeeloginportals.com%2F&dt=Employee%20Login%20Portal%20Guides&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1535
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FWS1JGBEMF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:22:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://employeeloginportals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=573924306&t=pageview&_s=1&dl=https%3A%2F%2Femployeeloginportals.com%2F&ul=en-us&de=UTF-8&dt=Employee%20Login%20Portal%20Guides&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=659258268&gjid=49452393&cid=2750680.1699809780&tid=UA-192926347-1&_gid=1100863952.1699809780&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1312370832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://employeeloginportals.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:22:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://employeeloginportals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AA2B 		318 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&adk=1812271804&adf=3025194257&lmt=1699598363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779531&bpp=4&bdt=671&idt=370&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7978397381970&frm=20&pv=2&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35cb73d18e66a622b886c0f6ad9e43a6cc006f12b148d0a8d58178041761a01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75894
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:01 GMT
expires
Sun, 12 Nov 2023 17:23:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 72A9 		84 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec3cf85252834067a897cd02dfef64c9c7353987ba6db879474da3a113caadc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
26488
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:01 GMT
expires
Sun, 12 Nov 2023 17:23:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 72A9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
55675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 01:55:06 GMT
css
fonts.googleapis.com/ Frame 72A9 		10 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d1dfe664e40212b463e2754344e0ec023d19985855c9828f6110546cb9f8129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 15:25:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:01 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame 72A9 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 11:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 11:38:28 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame 72A9 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 23:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133662
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 23:17:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 72A9 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079588
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12079d726c73d0d9debe4f0ebbc24fcbb1c22368d83192cb3c65b66c951fe2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://employeeloginportals.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55804
x-xss-protection
0
server
cafe
etag
3002861716205614923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:01 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 023B 		111 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b9d4ef2923a2bd080b4a88e29aeff2962a55ece93b23153328504299c5349b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
48980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E4E6 		118 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27fa9cffaa69ea8a651822c45c47f26fe5e7633d843052034670c8a6785877e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47857
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 979F 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43b607f7e2e10048f170f82f9e9ca51f9166f0ef6eb5905d45cc9345a92dc1cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16617
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 41CE 		114 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec46b59f5d0f8942aa460004d2b3d97a8c21ee3831230944efb60adc14984ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
50241
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1315 		125 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df34d2910dcb02c9e047650d2337592fb95b5cfcd6f880a1f984950cee23a83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
51763
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CE7D 		125 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
057dfcfe9e3a20acde49c7fbb325fc03f36faa88bffdf98d3d8d3388a4e1b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
51861
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
expires
Sun, 12 Nov 2023 17:23:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 4C96 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
50269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:25:12 GMT
etag
16674218716276178799
expires
Sun, 26 Nov 2023 03:25:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame A21F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9340358673009042&plah=employeeloginportals.com&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employeeloginportals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
50269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 03:25:12 GMT
etag
16674218716276178799
expires
Sun, 26 Nov 2023 03:25:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 4C96 		5 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e213333a0380556049d579d12bd28ea169343ee6ab4bd9bd0919861d14e230b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 15:31:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4C96 		205 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 13:40:18 GMT
x-content-type-options
nosniff
age
272563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 13:40:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4C96 		604 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 13:30:38 GMT
x-content-type-options
nosniff
age
273143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 13:30:38 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4C96 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 22:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
68713
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6703
x-xss-protection
0
server
cafe
etag
18125926408851158271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 22:17:48 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4C96 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 21:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
72484
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
17726888854999048520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 21:14:57 GMT
csi
csi.gstatic.com/ Frame 72A9 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lovqutrf&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&sei=44752538%2C44807615%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cjb3K9AlRZYb8Bpucid4PotqZwAnu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoEjgJP0M9DB4PQbQAGN-fGUwqEN2AE8brRldieBB06AaOWUXjr4Vt0aoLi_AYaujPzMbMDTbnnRqpbNS7lq_9Y6gcWRedsUigLrUQXvP5FZxUV01zaBmgmkQoXuwVJw_CVNdAw9rRpjIoXolLypFDzm67f1Fj8ZhChcSn5XIsOAgBy1Z_BWBfI_3PcVgiDMGfsVWEl-fHbjtW1HbJMx97y_uXa_Q1jdfvHvvv3x1wB1V5HHRw4P1N_iQBExpSGYqs38GeBy_BCuecitAY0bjqyj2V_nYvi8Y50fNxPjap38tfxYWU3DGvym17cTEBFTBu1VoNglOFDn-SjAKjn78jd6GwYcUarzF8o10O7ulfGa2fABKngsIjABOAEA4gF9qHCvUyQBgGgBnnYBgKAB_WYoJwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI2ZSoBLAIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK7u7ECqg0CR0KwE7igrRXIE6651OMD2BMKghQaGhhlbXBsb3llZWxvZ2lucG9ydGFscy5jb22IFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1699809781815&ai=Cjb3K9AlRZYb8Bpucid4PotqZwAnu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoEjgJP0M9DB4PQbQAGN-fGUwqEN2AE8brRldieBB06AaOWUXjr4Vt0aoLi_AYaujPzMbMDTbnnRqpbNS7lq_9Y6gcWRedsUigLrUQXvP5FZxUV01zaBmgmkQoXuwVJw_CVNdAw9rRpjIoXolLypFDzm67f1Fj8ZhChcSn5XIsOAgBy1Z_BWBfI_3PcVgiDMGfsVWEl-fHbjtW1HbJMx97y_uXa_Q1jdfvHvvv3x1wB1V5HHRw4P1N_iQBExpSGYqs38GeBy_BCuecitAY0bjqyj2V_nYvi8Y50fNxPjap38tfxYWU3DGvym17cTEBFTBu1VoNglOFDn-SjAKjn78jd6GwYcUarzF8o10O7ulfGa2fABKngsIjABOAEA4gF9qHCvUyQBgGgBnnYBgKAB_WYoJwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI2ZSoBLAIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK7u7ECqg0CR0KwE7igrRXIE6651OMD2BMKghQaGhhlbXBsb3llZWxvZ2lucG9ydGFscy5jb22IFALYFAHQFQH4FgGAFwHoFwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 72A9 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lovqutrs&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1gu&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 72A9 		26 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dyf5GrnV2LO6FliFhAOBgh0iZZC9WoQeSaCy1oSSrYbkvAtV_JWTE4BPkimKa6Tad4AI20M7notK8449AEMXiEjI5CNA&cry=1&dbm_d=AKAmf-D1zfv0uxafTsQwifAC727_BF7Uj5ZhuL5cVkt9OiRKazDNllyUxGAhWQY6uUjnDUt6bnhP_ImKI3Wv8XYzQTSMC1NSqfHCNOPHWKgZS5vEHQAM4xshkEHsj_2fuAdpvpBSBX_uYIsOnnogYfPvOdhJ4BRkgQpU5USQQZ9ygV60ossBW-fVIOSyMp78PaACnhawdUGl8ULjA3-oAbpwuuriX17rxfSVTXFtPWUPEtOAw8vYhy1xe-xC8CiHGH_NprQn3AzCAVEjSDAWJnbcIr7QL1Q6ZPFCd69AeCrVEKET7SN8K7rchA5D5m2PJmPIcuCM5ZF6KGJA4P2-_-3f9SI4XsK4ZpbQVZa6llc2gOwQXa-nsX-vOB45xy6RZt_HQkwAlkX-uR7gdemS9rx7zpevc2q6FdcP8zfsaNlPyXepdvYHjfPqJyGukhxJ0kvaUY3E64b0gpLshX0-gNrO5FiY6TKcyonC2CjKcdbJ0tGdW1oXVLbvbowl-g9vTCx12JF4GOXxQwIpJvujUCOxXPZaIyiIQUImsaEHlTi5uzXPC3JVU_8mAu5DLgVt26dVVk_B-kN8g6cE0kFM8MvYWCqwyH2HiXh7CK890h7zjotfkE9qUDLsyeK_u2SJfvwScQhbGP4EqpWAhaTpkgnBaoKTPuAphJvsaO70WaDm08Lz_fEHTyhg0jTjxgxc4mS9FLVNCEgbDakicWOcbq6VFNWWNAFOTDwtnFTQwNcpFysIdb3xwnocXps2_GgaQUOaiobXbJPRvtvhM6ZSW3o0X0wzH8XtO-fUhTGdPLOalAl2fC5xNtwYHaSJPemPP-ScuNGYZWaESvtWqdzlOmOaS3R_Ij8g1koLO76-FEaoucXhLa_PGKDhqbAvZsEEkF_uybtj9C_6TGLzCFHVV1FLIfUgJOaUM32srVJ6e-8Rr7FEQ5TD9Sx80WblvVvkL3H1y_tOYIBtvcuRYIgOLb5eOOrpPln_hfcB0bW8ahqafNhnUVGstY9tWUq0F1XnyaZ0oNYKB9-H3wqtlWtw_VPweJ8McMvLm01PKkBBudLoaA0uOrCz1Vpun4fnnCz1xERGqiP_IgIND3aHcniPrlth3ROfMLoDioWGAYT9XDSxPaJ88nRPSmgWrkXdYn-ZpAhUrAHja9tfSPdezo1WEZPEc1gf4pxt3PenM5cnbY0TCUsiFsNmJkPycBcghbeO0cg6MpUk60DpL9I_2GH_PjuF6kVV4lA2Xecaydpt4dpx_cBpe-1vTlux41YEZ08unjuXH4f41Ld38L0PYBetGxyClRPmiNavmm4A8_LV-lrWU2Krkifs99RTwmvsccHDzvzOMH50hYKJW4P_q3-Ho99IsIV1SVQFw3GkgVwUVFxTpx279AkGwViYZIIp0my-FMhYNGMaicHHWCCNI45RMeKXXNR8Q_tDA9iJdeyxeduGZ4w9ENv7SLY8o7BCAYfSnMqQPjLzLqJdqmx3Djs_bdwmd3X5etZl_A36RPBl4KTuLeXV5Uv44odWtFxCjtcl1dxj7cNCEWpyEPRe7fEDhS4nxn1l3K9zBWERk9844FpgmUPEW6Vha3HJdhuO1Be37NIJryBbby4HDppcaSjTlVJvKsQHIE5H6oR6-AYbJnN3G6EpIdhYdHEJ3U2CkoXwC1DxWnGPgqS2a4TTMPg5t6R6QTGWIhVCS_pMo2Hj0MaeWigHBhq9XQeYQxN_L3JdWhgGWeeDsyrRo9vS7qTBTLYv6jXWPjehaCUzHQOU30yHQrWjmlpl8N18fF7Dc2V5tig3zkNdE4OPZkaIKezFhUo8feVHB8x1XLzAvpKUyeYVFlD4PDZ3Bj_4X1i0VW6Vp7HWjWtmAZ3GjfEgy17-6ZUFwswcXM-3x5E1r2RuL_ehP84AcclWNBy4qzshfYYP0NLYk20FplGzSXlGgTwWZs-2X6Mn244Ifo0RX2uXU9FOiBtYjR3GECcljSMTOXreeGUUXo8gv2_ZzTprzznkXFwgrmVLiPdhWtnTv9HOvcFjUPSKBh85TaJa2XwPAUzPZFk1A7utUjAyM7se0UZQ1XMuCEVVCohnM73qa3Ziys4eEEu3kgtW7nFObUGxTtv1m15pVGzr6VBSRqkBs7f-0a7x95edwkUwWScsOpQlzzySqRlwDA1m4rpU-bIlCMPVq4PcstE3bZ4juv61fIZJhCx6ulSmthSO0lP8DaPecouKL08N89KboXkEGPxJGHYMUO9S3HvmseUqx8Fvk7CYfwZEUNeBNY_u6jRhThqzkt862E5BP3z2AvqCpIpt_NqwdKe-dVNlvL5nP9IkL2mKcItx2n_PBmqaEfkbgEaOQMHd2eVH9SNE-ruOmmU40Bc-WT6kl_TdWdolphyRRoymM6zp-H-GtBQtwDnsU-g-88GWPHn7PHeg_eOUsOAHLRPckJG_2HTk4da63j3K-KPfJUf9hwM-0pHYzKlG1Yxky5pzMG-X87b3ioRL1D39If4Frjn3y93nFLrWRyQ2EYRESkx0NlV-7Sz2_U3_w88503nTuPXdnxzAYZ-uMXo_-VxeqOO2ht0loAyQoX0oY0iaBxhuk6_s0CQiNquVqDhbedyG8Lr4Mo47u8nTshRNfeDcPaqGuMbdWwZOD_hBfv8S3ed_R8K-m0rE1Ls74YeuwfQnqoFByZ3TCUuSoNwKKl6BATX66J_-o7gsIly7Gq2C3m9gM7DR8XZis4HU5vkvcyNl0qUMSLJ4MsylciLZpYwsvx6QoVkpjmzktn1gXnCVArD_qrJlKnbs5q4oueNmFSQzKY7a4IqaqdaPtmkd0D0tVtARKt7MhHimVt9n25mzQqwHQuiH0H1JMOGkcxYe0u_abk1MAz4yQtYTAEDdNzMYrCNHi4HfKv-pRzoxNZqUSPHPGlZ3duR5Ow2ayN74poA_Hgu_YrFEhnDunyU8jXzaoZRVrzIF_v56UHnKylYFgjvcrSxhFKxmpARQTh_enLLcABKERm9ZEzjIhEHqLAStIobP7FS2lEoPlRAe9aV_Y2gvEOkX_V6wMTAfIQkxmx189uf3F4ueyvkFoobmIVzVhtoaXMCkGf71clSy2cbeKqrqNGlYDO2nv5ZwfV33-VfeqZcQkgp3Fe5XFIOFhzz7EfqkrnW1eFBzzVN-uedZaSnwsmDuVSf4wQEKN92_86bEmxoUwNusTJ-gzF9sJsbMWojbO9an8zfMBEwTRRUnL2OABOl0PUnYPtMhhmVs6Lm2g7SzjoRnlPRUl8bl4YtB11Jpl2H7IS8Rk0ev-IT8lWsG9aXDGyhUoDecqCQOg-it_Th4q17WeryQ7dLX40xf0tWkRD9PFIp4a7S6KoRL2PGyeeNAFtkMhBR7SmiXoqQba7XdP6BRpmep5KZLFWhkhXoH2ml0JbusQYqjfAalc55-M_c7tUkpFrEkVbXU2XJXZKLWK5u3YckOv089CTYIKm1lv61-bbCY3-ZNRTrDcpw2TSRdOCDbua1MVU9oL5vWR34ItD649FqersWcUBdrVziETxTqvamF8ciDJZDNrDqbXAtP_InoyksPMYMZPfAmW6DA47FlksnhfrWZNzC9dQdHQfSqyw_LOqdmmuzH96paTEHYGcZhDkq0Eveoh0JHg_6_DgxQGLnMi5Fy74v8A87beNT8MN1J1G31chHH2eXUvSXGBBh5qKTD9tELTZM9Z-c60Go34qnvmv6a1NzNpda-dTu8lDTb0NbhPguzWez9eUn6YuBDRt4lSP_txSWQ2nQgE8OH0QKmNjDMhLHKsb15iG9k0io0F-6ECw5LQ-gTc4SbjDqwhycvQSdhnZWGLGclnZbe01nZ61kdR7_e6caEZnO64xAWveXvDm3wmpyF-Ki8NnVdG0HMYEn-6oVynwLOO2uwEtrjE4I5IEr9oqBIvxOEnmdmwI4ZHsc_vEPtrwUHnEgjCSFqfM31mkYNbaWWVSFK43M&cid=CAQSTgDICaaNQ7x1z6o_66i9VOCslMd9Leo6WCbtTA86YB3mCq4K3dihnlLvJ5Son77-mkCpV5q9TQvRjGP_N-AMRO8oxpb6wjksvx7h7_DJBxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f157.1e100.net
Software
cafe /
Resource Hash
85e77a0d5fa80528fe1bc360d15b05d100972b5f30502f539a182779de08d993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16440
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 72A9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ef40f05c030889ccc2c4ecc4e18278f68cba224a1969915c71bcdb9ed535979

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame A21F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
55675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 01:55:06 GMT
css
fonts.googleapis.com/ Frame A21F 		10 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d1dfe664e40212b463e2754344e0ec023d19985855c9828f6110546cb9f8129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 15:36:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:01 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame A21F 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 11:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 11:38:28 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame A21F 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 23:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133662
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 23:17:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A21F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame A459 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 19:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 14:04:29 GMT
1290528a0f60de16515866847082b13a.js
www.gstatic.com/mysidia/ Frame A459 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 04:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8379
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 19:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 04:12:48 GMT
css
fonts.googleapis.com/ Frame A459 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 15:36:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A459 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
55c07926d0961c7899d23978ffa28542.js
www.gstatic.com/mysidia/ Frame A459 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 21:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 21:49:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 21:08:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame A459 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
55675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 01:55:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A459 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A459 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A459 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame A459 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 17:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 17:46:39 GMT
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lovqutvr&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A21F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cukg99AlRZYnJB8SYid4PxOed6ALu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoElQJP0FbB-PwM780MeoQGcfJ6Cga4jPHgC6B5YB1uRfOB1hDNEasJRP7nauLkP0x-qxvPX9nrfM8ojouqsGZPkTnRJsA75coja15DS-68alQbag7SJ6TXcYiVDiUUyWKugrWGePXXFjSt-q5pCm5FiHJleyyK1-5BXDHnoyvnohzHg7B7BfTIsvJbAIdpn7hwNSqKlL8PW6MD57e8UvuWGnszqO7tb2C38CG4lt1P_tZWPmaIhvgbH2Ar8TreThn3b6BFbqsacRGHrvxUKxq-ynWRxYBv4Kjxfp2nnvUvuYfUCrXnQG_lOZJbdvlgn_1hnPO7qrkm0Hw3PtZf8Ob4OW7bJW6siKHH9Y2EbK4KySreQOOr2o-NwASp4LCIwATgBAOIBfahwr1MkAYBoAZ52AYCgAf1mKCcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCNmUqASwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwUKhIKEOS0sQLutbEC5LSxAu61sQKqDQJHQrATuKCtFcgTrrnU4wPYEwqCFBoaGGVtcGxveWVlbG9naW5wb3J0YWxzLmNvbYgUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1699809781969&ai=Cukg99AlRZYnJB8SYid4PxOed6ALu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoElQJP0FbB-PwM780MeoQGcfJ6Cga4jPHgC6B5YB1uRfOB1hDNEasJRP7nauLkP0x-qxvPX9nrfM8ojouqsGZPkTnRJsA75coja15DS-68alQbag7SJ6TXcYiVDiUUyWKugrWGePXXFjSt-q5pCm5FiHJleyyK1-5BXDHnoyvnohzHg7B7BfTIsvJbAIdpn7hwNSqKlL8PW6MD57e8UvuWGnszqO7tb2C38CG4lt1P_tZWPmaIhvgbH2Ar8TreThn3b6BFbqsacRGHrvxUKxq-ynWRxYBv4Kjxfp2nnvUvuYfUCrXnQG_lOZJbdvlgn_1hnPO7qrkm0Hw3PtZf8Ob4OW7bJW6siKHH9Y2EbK4KySreQOOr2o-NwASp4LCIwATgBAOIBfahwr1MkAYBoAZ52AYCgAf1mKCcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCNmUqASwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwUKhIKEOS0sQLutbEC5LSxAu61sQKqDQJHQrATuKCtFcgTrrnU4wPYEwqCFBoaGGVtcGxveWVlbG9naW5wb3J0YWxzLmNvbYgUAtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lovqutw1&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1l2&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A21F 		26 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B9aROdGdpEyiB-vgoiPhmutAiNHlRBBwO9wbLlMwVdhCOc0y_1dOyWpyVGiW-fKxLjMQxPA7T1c6lyVmxXbP9OADxmUA&cry=1&dbm_d=AKAmf-CIbCSFYCD0knXnHgTcN608OgUFyc7lioAJcftHJw6uDj48cjuTu7QIhC6tXvLvMgieOSOEZXRpCZq2DdpVgdcsUGzVQVHBQpjVecWQzbW_HwYjZR9-OLoXXOk2S1AbWvjszWzuvouBsPacBii1mVt5p7zRalGmBhnK3SxDdpjenDIfXj8KdX07h0CMLy3msaUSU3wXOvv6ZpdbZWzk42mFc1eSckT34agTSFeO3xMAFtbA72R2LXl_WbM644tLalBWbAfGjydAp16CmYc41Rb2ljnoQJjR0dHleOAESGHPUDK8JLv5c2W8U9iIskOnENo4vvem9YQzojuf5KDsM28XuJ9g-MOfuBCFo0I_M0JVkmVaoVlTMvf4FP8lPKUJvFle9mZyEDln-5QEJXGlAURCpiu6DFhU9mC4GE1C3tIl0NMLoLCo6piV85Rr9P7KxiByonqUKFVsSqwBZ6-VX05lYCM7l22hswhQ9fH29AV39UaKBXMpm5qg9Ooy8uz2qTznsrvV1wwfo6Vu_Uj4Wx6PJsEtzQA1-rqp3LeqcDKCXVtPGGrVYwmZA-Vueced5u-3mBpxphRnm-Bq4aHCBFfspx_EOj0wU8MyTYZTCq7fWtj6GAxsZqy6VXwOJ6xvnBwx2fiCjGye4fLeJAqpjIbwXVBlNLnJtxwutjfP46yshVsP3EJeS6BjgP63rR9MqVOzycsVAr2Y5jAqzrc8Q2OJBe-WW4o8pzZzMsf-wylub7xF1rhCSyJRlaxUh1SL9sQrJILyYD3Mc17ORfbiixxiYDAtLGMXGKIM38_ClfdcAFsRqokbbTN-Ak3jAJdSei_jiZSzcA4J91hzBkYPAjmZ7kNPeB9WoLCF-oS2Sf8jiLwkNKZdvhMdweUgZhHh5j7pUmUWGqjYb76Ye6o9vnN9WzrA_lmDEJ8C3lIYxl0XEU1y8AwF-duEqZ0wppIRV01rCPA9pOLwHKhQ8iInXoGSt888ROHCWPQJ9efU6hnXIwMS9ZKjlvxYmFJOTwHVOHqe0vOkg8FbmyZ70s-3QnIkRmtMLNjmwAxlDTAVuHTvG8Gjrox5gsc4RmE8e9ZIKUX7iO1f3o2IWFqwt_HB-8HKgfztPQZ6IP5Tdy5DOURwH5fSEk8pz_7ZUN-gScvEd5U8i2DXsoYCD30-KVql2jROf_TolzMz2hYKFbSJBZDRss2hD8h-CrRgX4zL-2wP-K8QPcCsJKjwWF_JLiYK1Zgr4xFfh8b9oZZMbZkkuFV0FUSbFJhdZLzL7hcQRhhbkZL_MorzZqXpb-xSmqYlaZM487qqxDyzYjPvknfIT_vxlNDJZJwUdHty9ci-hRJvsfxe8Ha6P2DeiDzXfsoEU9gj_ykXFws0pyw3pGtZruL-C8RkThfbR6zawwGqI6If_DXFZU78_6maO5HQp_cSmXfDAS6TYVV-fvhamHbG6b91Y3LA-9WBPPlfBhj839DYcnUON_9bPCfCaX9ljeuiocspDxMe-Ri436mdHyJW_CR4n5NGzgP5thIkuctytyd_0cUOlxyIsT6ktMR4FV2x3wxBgfvCRYDDBAbhoUna_5aw4FFVYGKwCx5R_XmCgi14QgKpqdaLBaE7QvgvjJ8qdgYJXk2YEfE0eetaeDTDHyzoLhKtD3DwyB3o95PtEPJ8OIzXNXUuKzwP8Rw-d9Jdh-RUMeGqhtA8-U5FoIW4cWT05Ti_A9GU63GAhsHq8LtlABg2vqxcM907e4YJkZ3bpyiGDIwRGv0dCWd62LaODQf1dyLcHn7BlWm1kW9nZS3ytnlw7Tr_Zu3rrm3qB3BO4k3ts2HVh-5fviMv1gg0ZZ716v3UGxAL8Lcjhr30boROOQk6po1OjbJ4olAoTDEELqHrphIltgoevXQaD-uQH7_fF8n9kSfpqE1Ist5_uzMw_HMjRMIDZP5b5270iR8NOHDnbg5xN8KJCXcwfmFE7dRzCgXpkwUN5ouF5AZGoAfEdgguv6x2s2hG-C1XHbbwh9VdhE8aM2lKwxkXbqBShrwZLY4jakbSsYFJQyErN7KX4wapLoL8yu9KoQAe4xcXRoGO9sMhHZr8BsLAdD85OrZrn3pDlyf3h_GkH1K733qUns1SwrBofg6sZOJF2KrFpYIaZWFqi1FXS6HmlJigRLhu6U_PxMLMW0YTPNetfN9MJUe67S1pE08fruNwQ4fOB-2SEP-7NxkTHS_RPoly02YjQ4jd7tbuW2ZrCnPs2Qzq472YFuPxbkZk9-X4N7UTMVL0XSYbrHQl1mqlF8M_ztr5rPo3j2R5x-TIe9sg0By2f64HN33DCmtEP-M9UGWF94lN916pPDuXbtGvUQuPIZ8eRZp02cc2wIKctH34PRpCMo9w97S2low65FBp1E8lpsmqupFoO8zZyjg8SGPMZ9Z4dxpUZTtSNhsW3Or9pPYmn53cxZG7EEfslhN-hi6pzWfeLS4KNHSOUjtGm8ChbXBm9BFMMffbJjwqs0SSs0uscNFc7c9djWeQf_eopeZrQiyEp8pxP5D7KvrDoqJ5w3Ocu4qp2lR1HLOI_6ipX9Let62Wk8ENcawqUHgQY9oxYIOM92XS6fEbNb-82lj0aYBPBxA13OwbnE1mS1pOpLwYipRYimRzu0DpCIi8NgRamdGhN4l7E4w9RTTDAYChbJR-m3Mp00qHKCOMIX1Hdx9uQVr1rSwGgjz1f6pvsO090SID0e-fiVbfnInKeS8edEAu93X8_Sj0b2xJzKhqFEgVdhM4XzW0PfUFjouV0lRopxh5fUDI8Sc1fKuYS1sDikMc14QnTFaNSaFG17ox1yKMEeHJ6zRDxqZE0Ty1O5VykXO_QrH0x5N3fWNZNNYxdILcu34Ud8WKDgbQkUfRQ_n-5CSSYlFrIaSsTnCnM0mfuuoDGWEIuvy3WIKSaldoArpHNy78CFI4tEC2jbXcR_i3dOiYgdmfqjCZWU68Y1QIUDWsxjt9zh4uoANyFeKyBiRV6-l18HQdfLdQFJ3Y-5SQLf90rNwXjuazF-0ZerIah2SDl-Qdy96c_uMi81DNIFfxHQzqLwvFRZxyWXxUb9nWzllp8kNOGodocJBnCi9Ptlt4NXNFcW-cdwNB1e4jF_cW0N-QEirA5DdYoZ03cZ1j_osnigKQqnxNtgx7QGKzLj6s1U67OuHCWQKudFGYLwPMdMCVdPzX2iJfcyn5R51GTRE91-XSWxzDkX1ywRBWJHZw84cXSL_npgzT8LZGMpjnRSMVDxyjDUnZByQjTvaFWzYU-M1BhnaznbBNxXuE6eF9EXVhwiT1Di554qIPYHOWkCQ9sXvL5rWXlQ9GxfFX4XOb5rOjLBwfrlpxyWua0d8j3ae34tpw91Agyr_KrAr31GrU5zMmk4hF0LRucOBf7jBe6oqVHDEb3k7h6WYESuiPGuACMf1XpyX-42dJQKXj9ZHEZBLhfG6x4DneQt9GpkyAiB9VdJRryjZxq5MFhfiYow_qMj4QdS424C4MEmGLOs-04geRLYgHpARF6CSMdHy8ARqMunDAwpsPgXZTO2r--_2SPAbLMZF0pQ7U6yQXiOGBxexXDCVBjQZCbab10kDayiOovooTj4L5K7qcfFv5cG4x9329atbIjvhEdk9mm_B0xxvNp5X89F_DBOEdWm_-hNr61anelKXr_mk0rIsIyMRD6Bf9ndKisjVm3nAUtQIfAJUwUuTjlPbb1-SL2Db09bYJg8rIYdg24OC4oDNBO6_jiqEEeU1F-l1kMOt2WRUp8LOMr8lMj7WX8ah3XDp6iqgwzivZsqFO4txnnvSkj8oOzPhYQ1KQE1wRJeIMA7-LXtbv_KRI8sTODFbHVw9RfdA4Gehd1R2CyaHcmVVA2hHzqkrD6ALhKBPdhl49b-j4oYgbxksZ7opR481nS-SjgFwJ9_rD2sPyzdIOWobqPjFzkMlJdXAk7scb5NYD7LsbJ2Z15Uu8OXsCxaQTDo_HPVNpcR1lmhfHUp-a9Y7rT0KbZVDROpEkZdKRWG0FzrtIC6U3aop8zfTXwsjUsAa-nCjD&cid=CAQSTgDICaaNrSZpZ7ao_m-XGU3cuyNHFnuji1GmhqHLxhqNXi4HrL2xOH2tsRDX5zFYn_S9O5K5GXFWR4k-Au7560RkSinU4tzcZDW2JJDPSBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f157.1e100.net
Software
cafe /
Resource Hash
4b170e386b751bdfb11355a5c691c162347b26806471b67271a058eb55b35dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16297
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A21F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fa973c2980f4f8311124cdd6d45644674246ff34f015534dd6e20e1eeb228d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 72A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6IVU9AlRZYb8Bpucid4PotqZwAnu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMBqgSLAk_Qz0MHg9BtAAY358ZTCoQ3YATxutGV2J4EHToBo5ZReOvhW3RqguL8Bhq6M_MxswNNuedGqls1LuWr_1jqBxZF52xSKAutRBe8_kVnFRXTXNoGaCaRChe7BUnD8JU10DD2tGmMiheiUvKkUPObrt_UWPxmEKFxKflciw4CAHLVn8FYF8j_c9xWCIMwZ-xVYSX58duO1bUdskzH3vL-5dr9DWN1-8e--_fHXAHVXkcdHDg_U3-JAETGlIZiqzfwZ4HL8EK55yK0BjRuYrMdq-wH9nAwX505IKaGS5zZDRoU5Lh_6VWYetbvSmxUyBLB8OI5QW2x_C77W8w1AXvFQACyolqJozROp54Jl8AEqeCwiMAE4AQDiAX2ocK9TJIFCwgiEAIYAUidnosCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ52AYCgAf1mKCcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEITpQRiXwvrzAaAI2ZSoBLAIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDBAqDgoM5LSxAu61sQK7u7ECsBO4oK0VyBOuudTjA9gTCoIUGhoYZW1wbG95ZWVsb2dpbnBvcnRhbHMuY29tiBQC2BQB0BUBgBcBshccChoIABIUcHViLTkzNDAzNTg2NzMwMDkwNDIYAOgXBQ&sigh=ciGPa43Bguw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNQ7x1z6o_66i9VOCslMd9Leo6WCbtTA86YB3mCq4K3dihnlLvJ5Son77-mkCpV5q9TQvRjGP_N-AMRO8oxpb6wjksvx7h7_DJBxgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
Attribution-Reporting-Eligible
event-source
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:23:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A459 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnNxdWFyZQoKCAIqBnNlcnZlcgoNECshAAAAAAAAIEAwBAoNEAMhAAAA0Mz8ZEAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAACRAMAQSGkNJYVRoZkg4dm9JREZVUk13Z1VkeEhNSExRIgl0ZXh0L3J5dWsoFQ==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A21F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9hxJ9AlRZYnJB8SYid4PxOed6ALu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMBqgSSAk_QVsH4_AzvzQx6hAZx8noKBriM8eALoHlgHW5F84HWEM0RqwlE_udq4uQ_TH6rG89f2et8zyiOi6qwZk-ROdEmwDvlyiNrXkNL7rxqVBtqDtInpNdxiJUOJRTJYq6CtYZ49dcWNK36rmkKbkWIcmV7LIrX7kFcMeejK-eiHMeDsHsF9Miy8lsAh2mfuHA1KoqUvw9bowPnt7xS-5YaezOo7u1vYLfwIbiW3U_-1lY-ZoiG-BsfYCvxOt5OGfdvoEVuqxpxEYeu_FQrGr7KdZHFgDfhOj_tB9oMNP5QwijjvgarRD_S59r5iuI4_kWWULGDofV360S8e__eyOC0lSgOtGUujOvtTmCd6_bVszplUGvABKngsIjABOAEA4gF9qHCvUySBQsIIhACGAFInZ6LApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGedgGAoAH9ZignAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCp-DcYl8L68wGgCNmUqASwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwUKhIKEOS0sQLutbEC5LSxAu61sQKwE7igrRXIE6651OMD2BMKghQaGhhlbXBsb3llZWxvZ2lucG9ydGFscy5jb22IFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTM0MDM1ODY3MzAwOTA0MhgA6BcF&sigh=w_kdxtkbbFk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNrSZpZ7ao_m-XGU3cuyNHFnuji1GmhqHLxhqNXi4HrL2xOH2tsRDX5zFYn_S9O5K5GXFWR4k-Au7560RkSinU4tzcZDW2JJDPSBgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 72A9 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lovqutsc&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml
svastx.moatads.com/pepsicoessadcmvideo633239199003/ Frame 72A9 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/pepsicoessadcmvideo633239199003/UK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml?apiFrameworks=7&gdpr=&gdpr_consent=&
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
831a95adadcaefa084022039d0b505b234bfc2e1452b4483aa024c5904a6565a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
AmazonS3
x-amz-request-id
ZAQDPNN43CR3MV1T
x-amz-server-side-encryption
AES256
etag
"7152ea62f0fa0e0539e17a3b6be5c102"
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
6640
x-amz-id-2
zWYbQaelpbWfY1twoMi2U8/FBcWTNejG7cc8a/ICKuKSDwkp1J6POHXrEm74v9i338BkF8h9uxY=
expires
Sun, 12 Nov 2023 17:23:02 GMT
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 16AC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
228874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
csi
csi.gstatic.com/ Frame A21F 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lovqutw7&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml
svastx.moatads.com/pepsicoessadcmvideo633239199003/ Frame A21F 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/pepsicoessadcmvideo633239199003/UK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml?apiFrameworks=[APIFRAMEWORKS]&gdpr=&gdpr_consent=&
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7958fa31c40cea048863922557272e6db969a2d59958be36dba7a2f1c6fc3f20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
AmazonS3
x-amz-request-id
ZAQDPNN43CR3MV1T
x-amz-server-side-encryption
AES256
etag
"7152ea62f0fa0e0539e17a3b6be5c102"
access-control-allow-methods
GET
content-type
text/xml
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
6666
x-amz-id-2
zWYbQaelpbWfY1twoMi2U8/FBcWTNejG7cc8a/ICKuKSDwkp1J6POHXrEm74v9i338BkF8h9uxY=
expires
Sun, 12 Nov 2023 17:23:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A459 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnNxdWFyZQoKCAIqBnNlcnZlcgoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAABDw9EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAmJnpeUAwBAoNEBQhAAAAAABO9UAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAAAAAADwekAwBAoNEDIhAAAAAAAAAAAwBAoNEDMhAAAAAAAAAAAwBAoNEDQhAAAAAAAAAAAwBAoNEDUhAAAAAAAAAAAwBAoNEDYhAAAAAAAAAAAwBAoNEDchAAAAAAAAAAAwBAoNEDghAAAAAAAAAAAwBAoNEDkhAAAAAAAAAAAwBAoNEDohAAAAAAAA4D8wBAoNEDshAAAAAAAA4D8wBAoNEDwhAAAAAAAA4D8wBAoNED0hAAAAAAAA4D8wBAoNED4hAAAAADAz4z8wBAoNED8hAAAAADAz4z8wBAoNEEAhAAAAADAz4z8wBBIaQ0lhVGhmSDh2b0lERlVSTXdnVWR4SE1ITFEiCXRleHQvcnl1aygV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 34EE 		468 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLwBEOSj38QDGN3Q0foBMAE&v=APEucNUQK5KdNPlySJxDyO6-jsS_xBmLdQauKCOc7tjt9myl6GfBmYNAhKuPdlw-aqGm_HAiAOfJUXjcvXmWXRdLvMAgueZ6EF2ECEsdhToMvDn1DCF55D9saJa04sYzEpytXW80D0srbSLOPVbezITkP1WwLek41EprtZViz4psXmYYcYVoLtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
178
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A067 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame A067 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=22233753&cmp=30764846&plc=378851769&sid=6848107&dvregion=0&unit=336x280
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 09:32:24 GMT
Server
UploadServer
ETag
"ecfd819e1e247598f4ed0f18c70f6f53"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Mon, 13 Nov 2023 17:23:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A067 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A067 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame A067 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyZUmvoVxFzfAZGft5PTPBwn4VwlnIHGXJr1-emRmKdkRhD6ClnUkc3B0DzScz363jQYe9_kGcx9P3RiJY39vOSiDqKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A067 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A067 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJIsP2dSIcqW9GexTeajcIgUhhjffGnRsNkb-Exu1Bly-ovEplBwdRR31DuuNS9x5j8Mugz0OhPPhkdThNr4XS8eqegIasa62wMDAYEEFfxvMKWf0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A067 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1149050881665707586&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41CE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bf4yD0bB7oPnf2-pEP8Qa127yOZScs6ggu4ZJaRXmJOWyAGwK4nYpoEyfaweuPt3GVMYO6YWzIV3hndP1ocLnTBmE1AKVBpq9cdMG4sFFN1J3SO2s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D64C 		611 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 41CE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:06:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 41CE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:18:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 41CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucqKH6lye8GchdRcLw5CqfNLPhaB7QdDVEA1ZNffbWe1PsBjDStdgJYTV-tP0jo1aigD-dajFoh8UeSqmQaxdA8lauv5vuzNkQg_Osz_-G6mnK-Ta9sPSGDuFz30OWmvqH-9roR2eUJBqhDEiYideRJcerQZjigAHTK3jqmDkPpWnKL6AJvD7e1rQB_1pnSlIt1g-7rqXNx5sV3yZR1oYZZLTnJCe8R8unicGpLvRzPJEbrpasJ12Ax6AgV_okyLVMnp9HKS7hCvt6n42P-vIitaovARXYDo1Z6jEXm1zW-m_aUjRmtfcs0iFbRsLs_LzPQLSw3_CP8SXR2pQgyoMtRFrRqWHbosEDcvv_ucIAFvF8tzDMX0oUVo2Fl8BKVxpyt3Zhd0YzkToHFIU3ZZLfAsXl5jROdRXnl0fW1koJPfAqsKn28htcjlQ_VLOqH5rt3StyNca7IvIhsP0l_-2Uz9Gi7y1aQ6zoAoujlnBq_wEzB0XpwzBQv7wGkigM_n7jlnk6e28N5itTV2qyFBI5S2KHzbEmMAXvf1kpux3iJqsP17vq7WygvVoiWVOtHd-ka0KaI7W3nZhpxJFmqg_3swe9GtrpRP31HmXhqtBVH6cd7EfOfYrCVkWid2q2bDQX7_KBWPCClT1WncOngdw2c8WCPLN0pEeQIj0J72UHFIMmRZHdWRQEOwqtCgRBFpQLCgjrHGPpadXmQyBeHgThiBRTZZ1qQyT2EtMw9BAtkWPtVOctQfvox-hZNEg5faNcTF2kNlmDMjOFRm5JGhcIrg7f8ofjWborMuYhyfqpkHF-MzJaxVCpI0d1mcLGMXHtq7SxoFHTQKfOmMrM0mejgdnhTY1fPP9nKaMmEqcqFLkry-Zeu5BGDrDmnFsumQuaWmIudjKCuYCxlETBMBV5Hf6kX67i1oulJ7ZFl79I2CFsDBvlCQsiyELbgpFq5HwBiujGaYM3VkrUpXnJoKdeJ4_0FhA2jfcVdsgzvOMycfx3xYjomr5tilcugGKsh9R33Wil05CAV5nn7hVotlINOKPU-5Swlx3kChmRdtMJKlMME_H4A0JlJICwGvT9d7Nkjo7Ta6-_eVvcZetIGsmNMBHbO-ud4HeCC1SlHFrr9KbGNElGxgn7N3ezUuF98Yxs32xBKRCgmbnjBBjfTRRM2-lZPgFXaq-2s3qnuV77RdLQnBTyOSU21U0fYriRuy6RbpzI9Y-nCVc8lMl8jUb8i9coGFtM6u70ZraICuHJkapKj5PlMSIyxk1T9kO5KNq5F1n4lRtOroNHgtRl1AZQuHj6OG-Z_wfLKq7ZWWcfF0rTHIiVS5VgE-KostEHsJqRpriLrlHUP-4LXTTMSJZko-xy8Df6fAku0xfzAJqI_hedzcNimjqhTq2TNkVJs5sZjEx3DCGJit1l1ivDyMCHy-EUgX-x&sai=AMfl-YTzWQVjY4vNALdeFokpcwdIkj-FXYR_MWDjK_c4itKYLwLrpbtHpu90TEms9Lw-JtNQ0xAOTUh2syGk2uSNc_Te3uZXmkLNVUazEM22LiuA8Ya-DqMwzmmQ1kTU72wWFatBOZdYhBG_DIBUWkiGklVrZNDKE1ymq00APnfCjpWamSIL-B7e5xg8UbcXVTayzjXG3_ybQfiuwWaSOhwEQd7FHB-zQEWRS9aBmgLJc2Vu6pOzJ_YIZx5TS75S665xg9r88Qn6L9pJ-3-fyW7Cfx-djU0t8Ok8eJSY3bacMgm6AmCf8pkr9XLm8qZKNR7ooAxThIR5Gplu445udPec4a83VMEQJxuqYk0-xXBs_fmYvwm3vyMA6VIAUdIh_p2tcto5-Gj1MkxiRwIqISBsNRXn_c0I&sig=Cg0ArKJSzH-7oGS5m9MVEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231106.99694&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 41CE 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
1390728114776081144
s0.2mdn.net/simgad/ Frame 41CE 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1390728114776081144
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81dc3ed27de564018bf520378a8471736a07b73ff502fe5075554ecaaa3ff276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 06 Nov 2023 17:46:10 GMT
x-content-type-options
nosniff
age
517012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30867
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 10:49:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Nov 2024 17:46:10 GMT
img;adv=11152216217484;ec=11152247944009;adv.a=6974260;c.a=30230368;s.a=3665299;p.a=371660852;a.a=564151750;cache=916593797;
ad.atdmt.com/i/ Frame 41CE 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 41CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DEA0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 41CE 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
47574
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 13 Nov 2023 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 41CE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame 41CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQljTC4WnSXVQqPwWDOT0Bobv4_ylUwzcu4iNOL-brPxQ-4H19J5Nvvbt-qpotB_wXSfYj9PQAAaNo4HHRsOcm1mkOm1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 41CE 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1315 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8QkvhCyKdNoBuf_1vCr_ukil4jKc3axqXSLjyyBqTNJ0dVO6R5AuFS8wt1FN9lUU8JxekNb6FjIi6cvZmfyG2fozQYLQt58FBTFCwrAQqR7iyW5M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D7FB 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 023B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AecMXHj-dESEO8R0FRhIdx9FHfR5N9x4DRFobOqukuxYq_0ZZdn5dwPaajylhSsbaIiq_VlcrKP3OqeAUnq1ZMR-b0D0LCA1nGoJBrAvAanB91U2c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lovquu6e&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&vast_v=3.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30217569.373317506;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpo...
ad.doubleclick.net/ddm/pfadx/N1446572.279382DBMTP-668871755/ Frame A21F 		28 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N1446572.279382DBMTP-668871755/B30217569.373317506;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd=;dc_osd=2;dc_frm=2;vis=1;dc_sdr=1;dc_sdkv=h.0.0.0;dc_sdki=445;dc_eid=420706098%2C44752538%2C44807614%2C44807615%2C75259414;nel=0;ord=234293265
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
8fd2ea79dea5e27405b945c57031dc9f1a3a864317961b99921c624b8d99b06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14891
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D986 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1315 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Nov 2023 05:44:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 1315 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:18:50 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 1315 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:06:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1315 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1315 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5D3F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 023B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:06:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 023B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:18:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 023B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwRopolosbk8oPLPfBCLJjLPaG1T3OTx1OmqQy9bdjvv0FU-KJVlc_74ILuZpJ7Ms5c1NET2l6RWjm-rIf4n7rNGi76teK-L1gQHrVkZSKQFQtKIEkHHoZrpzIMEDaRkDU244l2JIhDPf5RVknAGSeXE4qPheh4m-XYYDISVA_TcLeGUB-MBiljzHdL9a_tQKuRgwomWMgbFtHRsSLHDXaJLpUdeC0kivk9D_b5aGUsSkMn25gI-aVBuis-hzYe_VrvKvvoG7eZupeOISoO3QLVYSyoN_QCW5f30YouHivWt83Fk3R9pI6nCXNsp7Gprv8eb3UGdHapPCvMwe5NOn7zRprUKtaai7rKj9UaJ_sVs2nEdpmdMVBcuBCm6Am1nTVdtbRfzyC1LxNP8RSQtaclel2msaUA7Zhxk7EG9ceq-OW3mEWbyewMeu4yVneHKUTCqMj8OYb4BRTRQJgSkC4vWuD9iSKahwnD5uyZjWNcGad-q9SqD6ZxzEKLObIPNa5k34yIPLjnR8iu8E0GNM7-geeKqGXEO7ixzVF4ewsR19V-hpzdSV5jUhg6k2YVyuD3VBaMu85ctLN0hEIXKElC-MD6Edvy5SKdTNfhjJMj6mEOJ-G4g0464oiOfc-36ojKmIr4uRT9qogZiuJ1hWZdzI0FPmp6TApkqDix6snLtjvgs_80YXWz4Mn9tWSVqvnLK-49A2wfVevZS_8zci08a976YpAvg2xF9mnY78-Kqrp2WSMoLNSQZ_K4UTAqhG-ZyQfGbU3OKwLt4EpgPDRwkgn8tcIFYajW9bzzKKFa2LQFBy_tXAEF46qajMFmulXxql66I9v8Ck4LMlWzv9_tioR_8D_RcpYFOXMr0UeX1KDllimE5mYb5HDfd_e3b7UHnqhgIMSZyP608icFWfjVKOvEMIcEhxv4F-0qBjZc3GAMX1LrKMq5EoE_Ly17lFSSzb8ENSJluzEmrxe-xc_fNaDfKV_roLG0t9QE7W_4zUZmGz30xOQmjXofOZKQ2H_Svx-Feza-KHdSwg4wfAZTb6MT8piKwGtRgomPiwqfnb5BYRpNtDSPlXvVM1fINmwIqT6CYoOT14Ai4JmuDI-msfjXNkWXKa0nfJ6ZvNaJdhs4olrfFwgXUdr-A_Wak5Q6qmMPYb3Cd7GMLk9zSt6ivLvP2MrJaGPo_RUfa5lpGZXVO0--zHmZcEWQqgI1U4XHXF_hJALG5BjJgNj0OsyzhG_eju76fM-CN0HHNd6EfizZy8cgaSnJ7wXRYLrldSBGzfik8ryO04fGQ4q94ShcquwvQg6roL3m_m2SXBakMzyXQ1u2fMDHdEC3-b85O1ao2TrCYkm2Q91p83AeJdIctvMVTHXPzwrjVTtYtMgt_e08cDCeiz48nnlVVnLGWmBWOyEjnNrR-4YKA5jNuFj8Y0c8HpDu4BJtAEfNgqqY3h2GXzKY4oHdEGn7v7ghXck&sai=AMfl-YRrlSC6mlU9yYLiRXEIrUKDjESVTqPhxXsrm76osq3Q_ZlC6V2udJksB0kmhLiSjG8eb2-EqvUvu0sfbMrJYp7bfMgm1b5hiTwAvi-EuS2B43KRZEeyUEfjOm7cLKw_H-0j_pDRVcZQZuit3XKgyGoY8AksrdPkZj3MHWPL2LcxZsJd8im_urU66R3ETV6f-mK_fUBuCJXpAIkxBQLQlP61WDc2sSYlT_1g9iTwzcW1JGjirRSwKVNa67vwALiHSsy_Ov2F0MEldY47PnmPNdO8YkqVVg342FxzdXPqGuzS-sOff9qxZySHqRUKLFK8Ec5kgASYELGB6Io-t6_Ns1GIcEH_M2aIvYINy4HzzecUl6C8G_-6VXmBcyAX_oNYGy8X_RuHRjBmKxP9O37WZ0_n&sig=Cg0ArKJSzCpPbqT6vcalEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231106.34173&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 023B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
8651577377212606017
s0.2mdn.net/simgad/ Frame 023B 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8651577377212606017
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5949da0708724baa0704df69c1b28a87aabd9ba72b493ad373f53443e2f884f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72207
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 11:42:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Nov 2024 17:23:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 023B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2EC3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 023B 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
47574
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 13 Nov 2023 04:10:08 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 34EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEH7uNBk7Yt0iwPa-qN-547A&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEH7uNBk7Yt0iwPa-qN-547A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLwBEOSj38QDGN3Q0foBMAE&v=APEucNUQK5KdNPlySJxDyO6-jsS_xBmLdQauKCOc7tjt9myl6GfBmYNAhKuPdlw-aqGm_HAiAOfJUXjcvXmWXRdLvMAgueZ6EF2ECEsdhToMvDn1DCF55D9saJa04sYzEpytXW80D0srbSLOPVbezITkP1WwLek41EprtZViz4psXmYYcYVoLtQ
Protocol
H2
Server
2001:678:cb4:bbbb::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEH7uNBk7Yt0iwPa-qN-547A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 34EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOffuqh1l1hpUYUfYD8oZb0&google_cver=1
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOffuqh1l1hpUYUfYD8oZb0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLwBEOSj38QDGN3Q0foBMAE&v=APEucNUQK5KdNPlySJxDyO6-jsS_xBmLdQauKCOc7tjt9myl6GfBmYNAhKuPdlw-aqGm_HAiAOfJUXjcvXmWXRdLvMAgueZ6EF2ECEsdhToMvDn1DCF55D9saJa04sYzEpytXW80D0srbSLOPVbezITkP1WwLek41EprtZViz4psXmYYcYVoLtQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=298nNIb%2FyB%2FP36SQB39U9ofkoENXQfQcQD8F19ZosGQH03cgzOX7d0MBX4SrZ05UVkdJqjJP4PMyYsBQgNAYogVnOo9xqDKOkdfkTQ%2FwkhCDVYKLxfeTDx8pUlBPpYz%2FtH4vnllYaXe7yA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e6ea806ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOffuqh1l1hpUYUfYD8oZb0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 34EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLwBEOSj38QDGN3Q0foBMAE&v=APEucNUQK5KdNPlySJxDyO6-jsS_xBmLdQauKCOc7tjt9myl6GfBmYNAhKuPdlw-aqGm_HAiAOfJUXjcvXmWXRdLvMAgueZ6EF2ECEsdhToMvDn1DCF55D9saJa04sYzEpytXW80D0srbSLOPVbezITkP1WwLek41EprtZViz4psXmYYcYVoLtQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FA788RVYx70TN0FjuUv1LSSEFSYFwOC5O1wO5qWUiPPFvbcN7C1yGTrGhvLhaphnnyOMfKX8pF3JT%2FJkM5HGG1p89Yso%2BouRZ%2BelBH7IaUfYy2Y9kQtrdG0qp4yIQLd5cYLQVn71fS7sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e81d916ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D64C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELmUBjXcEGS0R9w7DnhF6tE&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELmUBjXcEGS0R9w7DnhF6tE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
an-x-request-uuid
ec5bff94-1e52-4f73-ba20-b4b47d46f6db
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELmUBjXcEGS0R9w7DnhF6tE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D64C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
an-x-request-uuid
8d96dec3-facf-417b-8db4-38a1b7f27ef1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D64C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D64C 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeaNhD_92wYsoeT8QEwAQ&v=APEucNXs50zGlSYt9HLtcNCUh2ncMmd6-647mq5pjocdIB6FJgLZub4sIIMzo0PJzuALhApPPKHcVCrORI_dlEptlhk_ko1ZN0GEJ7ryuknAYcv1hGofYsCHMkgAqYS06KR_lH6NEypZPctTB6PFnXSasfUjrHKCQWXvq22ZJW6ussizHo5JsXM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1315 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
47574
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 13 Nov 2023 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1315 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1315 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
l
www.google.com/ads/measurement/ Frame 1315 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsBTjINa-48iDoKtH1hiC88ZVquOPMk2FtjyjPKRFrD50w04JscNuPM3WVuVAq0z-QyVCwEmTpli09-PUN0i3lhnoYBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1315 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 023B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 023B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 023B 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
47574
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 13 Nov 2023 04:10:08 GMT
l
www.google.com/ads/measurement/ Frame 023B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTp-ycRcYdZkdOcEu9yGVsh0E1E77WH3QqFHxPqiqTRrseaCGw41pKE3zD_tr4l0RarEazUmNX8KjAN9m12dAzdg8UIIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 023B 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
csi
csi.gstatic.com/ Frame 72A9 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lovquu5f&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&vast_v=3.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30217569.373317506;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=7;dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITI...
ad.doubleclick.net/ddm/pfadx/N1446572.279382DBMTP-668871755/ Frame 72A9 		28 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N1446572.279382DBMTP-668871755/B30217569.373317506;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=7;dc_omid_p=[OMIDPARTNER];dc_vast=3;gdpr=;gdpr_consent=;dc_mpos=[BREAKPOSITION];ltd=;dc_osd=2;dc_frm=2;vis=1;dc_sdr=1;dc_sdkv=h.0.0.0;dc_sdki=445;dc_eid=420706098%2C44752538%2C44807615%2C45401791%2C75259414;nel=0;ord=589320914
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
9987b013c4f186e1f2aafbb28ba9a97d2803af2562b0ca30d93ed992c06b7341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15064
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1CD0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 41CE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebebcda3c139e459329cc1aa4c572920fd341b0eaed3826f26675f5f6cd5c7df

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame A067 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8793682117539&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A067 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8793682117539&version=m202309260101&ct=76&x=1&cor=1149050881665707600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A067 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0hDzfrhkqqh4q5yqyEgskqq9SGLovSujB1s1vrMmJr5Lg7LePCKOEJlCaKSsua5OkSgQWONbbdcD1jmfE5hToJ6yfDIAdBOC33cNsbjhrDnQ5f1uPznmq6BMCsdk1H3XAJ-HzlabOReV9_EeRF57PkxCSlJx_N3_mm8RqCI30WqICwaM&cry=1&dbm_d=AKAmf-D9y8KbCpXy0VWz1AOr_78-yuNizID5PfVXtAgmLVk-7GQdZKq6AnCk-kbFkybtFv9U4ixM10nXVw_vz9LOUM1WC2ejvFNQdPRkaASQsNRovIMfrSVYy_-D3SzjDC_njUEk2y33rUHpOHi5k-IYBhL2QeNjjiiHT6LUKNPQU0UVXBMHlyu8sfj2yWYl6GgW0CcAqI82UjI4VJprp3lGpY5LI8KnS3buiqK0MplWCklBqD3SWJtMRFp64sfXN4dJoCCY18HLHLQV8HQVc3i5qIgUjUtiLJ_OegKDoL5wx8FPAxlH192F7mAY7vHQeV_Rov-z6xtmIinccz5J6XWLVFS6OjTl2wMRkHFENpMQp_iw9z41TNg7PLBHBY6KRTmNPRhioAW1AeGFDBjAN5SQW2RmihhrGqhnK_BDvISVNfUn_KNzR3FJbNwjjU4gQgP4fWUU3Cr_Jr85hVsSwq13WAqHXMp0lcGxel4A2E654lynl_b_BCI3PxPkBr2DU1-UfVXrGt2LMoW3Vfs02h83VNKLyCTEQ0hFoPPSlGo0_P_prpm2adQbLL05aTKJAPCQrDMFu2vKLdPcYuaRF-o9Iv2sllWCinzMrJwLXkdaIyroFR3I6OdID9RvHsqm5br31Hnm2x-6OeFDHCaHPQf1NWGe-799Mhdjf4XsJ561JqwsfjrjwiKXNCZHCWg5oulk3cvXwmSWbSuY0Y5o89d9xUvaaU6tyNT-vejuqtTq9py8-aHeiYzvMI8RaJY0JsZYmcEUBbu6K2s4n-vtoFUtd8QGiYA_UB2AkdKtzmkCeNv0Yz-bjXo0oo2DoxP7KzzqhJ4VFQdfPoYDWLzPf6K0o4Xqxtvt835UhNlLEO1k87R-0DkZb01rUVCzc1DeY9m5wvwGPY6ka5D5H3Tw6MFFv-vdB71J7p5dYaVJhCNt9Nj-iI2c3AaDe6LWx_TZuVlnurNVryWbYIxPcLmOJ8ep7aoxXlY77_flKvVhYzzDLcDKsuLHDtvtr0jVeIqE242W5QJDcEoi4eT-IKJpEfo__y_BudiLxoEBhr2o3PQdPCGizFpcZW6SvMDgPiu66LqJaa8ohk8SElFTXZfO3KXPZrimO-VyLQp98SgkbD3ztlLNZsBieWbfMS2BBVFSbQdIxCE7yzaWNGnevwRGikR4ioPfJWXyshkkd_sAv2-a4Rt-cnR-XdzAy65ZD-U2Qr1Py31ORXwK8JUcqG8N17cOjPNc-uYP0tpF0i1uxIGR8C39KX4AqMZd21ZI5PoOl3XR6SRFh2nGIHGXOheA8bqzgoGBTXhniIaq32R6IM9TMtV54VdcA9-trJ6sW5uu2t5SLwftc8MI4Lk0AAsTMhfqM9-F_Zs_etzB6luZGw3Y2qzPummuyJ4iLOcVw3eaPW8DSbVKOWhmZEpczV310zY-s04SWzxpGMsLUWsWqIQaZx8ZSNqEn-JXJBo01mqSio8op3YYseHlnRjOfK4kvLpiM9JQcMA-M6QhinI67QL_vasKOpKjNNenIpNNDMNRdJ73ezWrjWti7gBNgQ1tdiIhwN9eM1KxRkGdFZddIGbBdoq6YjeuZhtDZQ1ZZR6LL3RYa777DQLKnf0ztODhWysTtmjMNEy2nlz5khAZv4tLk3sKK582pVgjK5CzlldrRk3CiI0volci1cvHLFHpIijKN7gGEqmWRYQXdhWCQOxOWixv6zo1h_p8_sCSUgySDYG89mArsVKqEKnzr4Q1b2uGL2PdBvMVuFoHK5kTl9tD0E9g_VaBNKIBvb_ZmOzkQ4vAzNlr2TM3CE0ox_CEgaVaGkpU0El-s1oAGMfz3SyYw3EYbwAjA95BzH3hatU-UufcZRBZUTzlsZisRAQ115liOgmqeY2ljxFRMu6dnRRK8BxOlrbkV_pUIcYtsllvueJ6LZnliJTOrM2XROqcfUtHye5biDTC-2FQsspNlLrn8cNAvBS9OsVA0RwNlGxZ4g_R2dCef0CosgbcFHj_Y6AYp1ezVH_nFV1DzIUTyJTFpXz88mxNDMANAeWzNd7MOEwMyACFZ5z9Vp-8KbdFcP6zXJTSXPZFWt6KFOzyFmpbsqsb7DviR9vJMn_cWRUj8p3Zd7-Wd1ZOHG-4tiOMfBe4HbHpwAg1GqB3tTfJpXey6mfA3bAusf0UBKwgWPsmpltVJwlD1d8rhwS5Kc5lzB0yqWCwtm9dQcT-ZNWfiYcTImcSZFdb0Garos4OJ9tLDv3bzLPdg9jYgv7oV_s1_WolAVvvhEPK-RMmK2EaDzS6SIx-2TLLgKy_Ms0NyVXc_fi3mriylrYS69pG8fDft6ThbbHFPeeYyPJftiKfFCHoIPL5nNwtY5--blgTGK92towJOYRfU5AMTf2nJRbOJDqCU1VoeuRRvozrbcSCdetewzcC-6_H_x6IUeF1eB2fFj6_0xxGexoX_9qPhqM4DUG6tPAiUgubCY3l6xRrahrGjuxdbHWxOvAfIXR6ADcKi2Iu4S4MgoJDX8WOxPKUois8cg5di9ZgF8SdIkr4d9cCC4lD8EM6DEjXZNLgrNgDvd7OOGctHbz8i36fl0mzoSYgJdMIBO3SnLvskubuYozc0l-TR8i8ShH_vNcgpPhm03kvAlKVyI8mZsXKsFSq3S39wSsWJfXVxjm3XjjVIg4qWeNmJv8dPrMHPuWg3-Y0q1L3bQoMKooqIfcStpuOdpR4UWNzR3JEig6L6JfK5cLPFg-rLxQ3AxysrgwfuaCXFIbFI3vOwF9qHMQt_jf-SvobWKFtx9PXMTNBfa6pYmHPg8y74AdKnhGxaURXee149yYQDR3AV-EZ_6HYdUtla560sbhMVbHzCAC5gzeWHMTClpqBC5T0AZ_YMgJCZNJh5Jnwfp6CzExuD379brMKpVPK_MBrQrtuomYU-IWOxNS8JXiBhURqMvvYmKdTHy8zaxuBr-RiiMpsu52yU9sCaM6B1nycWhVjGG-kXodUjT3mWRr4YMAoa3U9iikrvSVfPYQL-tBZ2xD1T3F01X-h1Ctf4WgAC8DcZY3SWMTWKRFxCCgJuFN7feVEvCK5HsdQxp4B7S5CYlag4dgB7379Qs6wlTvzrTE1-m_NDLo-IhdzgTm_wUFx9-BP2o2lOLxA-sQ5UEQmwhsWW2QcBYcGXj37eH8JS3W0kqqLjSSSqmVekb4i92K8xS1UreKLLjwW7en5-NAt-yJ0QoQv0A4OMqWa4WSJ-RK6gWjejislkT0LvSeUaBcG9-7Cpj1fFcM2J0ijmnmpIthnfeFukDlMMjkJoH4SV_lwzA&cid=CAQSPADICaaN93mU5tHWp1zyWeUUitQux34dmBGDplnqxnRWknMudE9tI9eebG9GLzGWfQncVaBhLA6ORCMOthgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Femployeeloginportals.com%2F&ds=l&xdt=1&iif=1&cor=1149050881665707600&adk=1726166460&idt=158&cac=0&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90007725a25ce46d7eb3a86a87f2b5da2b82564dc09d1f85ffeef5d25851d67a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12432
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE7D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSMmCUCLS6410zTud1e0TJQS4k2oGB7-AYzRRY2HQyqrfiTfqwGdM2DTD44pOvu_zzMIkcK7LjE_hdSW2POngJ3BNs_TxtKqlF6HArHk2rcOQtVY8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CE7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame CE7D 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
47574
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 13 Nov 2023 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CE7D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame CE7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVnJAJchzcgQZV8W9MSaOcfaZm6_QBGjT8P2K4MDJoOW2qjIK0SDlpPpsPPhrwbZIWaxVg7wet3TyYlUT5uGf-0fvxOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CE7D 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:02 GMT
rum
dsum-sec.casalemedia.com/ Frame D7FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxfkXSJsiJalRxbIarip2I&google_cver=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxfkXSJsiJalRxbIarip2I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2qhaYkwX1h7%2Fn8ggOgpSy19B2ktpbNyN8jCNJL%2FnyCfbtsptKdL1OjCoKLQQq3V3wzZKZZF4l2CQR2X4kQ81LfgeEISs13vgUvyabEV0qy1J8WXhkVuCQ6dSFpxLCXaMPwsWLvj%2Bb5Atg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e6ea866ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxfkXSJsiJalRxbIarip2I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D7FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ENRiNB%2BhkocUiUHTjrzGpYatP8at2Tot9fCReKcvvXFp09XbeqHFUym%2Fv%2BVgnSZXqPlJcsqPVlilkADN8XAQgFbCt0y7gqvlU4LVoAeZReUzgCPEXSMedUKZ4Bp0XE6fVPxP%2Blt%2FCv2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e8df306ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D7FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAtUj3HyRiidDXd5rjg4vGE&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAtUj3HyRiidDXd5rjg4vGE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
an-x-request-uuid
d7f34132-a150-41be-820b-062fd8ba49c0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAtUj3HyRiidDXd5rjg4vGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D7FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARjftrP8ATAB&v=APEucNUUtMmmGTrYvA3SDEqLIfZAKmTQus9v0FazK6WZFIPeOQ6fG622lF2udeHcJ7t6m8PIKpXeK1lJcqwXZts549QoGz0wBhElL-N91OtkjC9u8O_IYfdAP2bB0WD2k48ZvHXRTmOaifKu9rcnmRJqp-NYRgG4yojFpg-k-S-18j5dbtbfEYs
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
an-x-request-uuid
3a4511b5-bf82-4ff7-80e9-8a776dc248e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D986
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGvYr4hZDFyYLt7s4fDhuW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D986 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D986
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELfPB-uN45iaFzL92cT4gR8&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELfPB-uN45iaFzL92cT4gR8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESELfPB-uN45iaFzL92cT4gR8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D986 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahDVyZ8CGLiqnv0BMAE&v=APEucNUneYKmoGGX6TRDoj7RgFtKCjlhqpXZgjutRGsfyavKbW9NpGb-W7MuQQ1fp9OZUwQ3386SypuEKDO5qdexZSXluZ7KhRE6ze87kb5DrjqfdPdYiBnkkEOxnilzae7CyxK1Phxpl7L2PrMwBTVWkWFEIvZIL-UeT9UW2DVgq9DtPsZJuPs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
current
dclk-match.dotomi.com/match/bounce/ Frame DEA0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKiW01dLfDmbLDfl9wkUO14&google_cver=1&google_push=AXcoOmQ0_9dr_x2mVLZyhQ10vUYzjox-CO1KKrDX2Lff4V0WhmO_yaOm5MYBt7hJuPBu36W2P6IZwgMvVqmTUPuHQ8CPW8tiD5wwybk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame DEA0 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECO_nIebjt4qTIksGna6p10&google_cver=1&google_push=AXcoOmQa5sawwU9DYzFhgWGfnS55v7W8JiCgVshOEx1wodih9aoDUrTvoyzTq8-Ed-dWa205B2Vs0opEC5TE1FBmtPBMvKR1k3LdeeM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DEA0
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRXQ8Yf...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmRXQ8Yf...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMTIxNzIzMDMwMDA3MzA3MjQ5MDExNw%3D%3D&google_push=AXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMTIxNzIzMDMwMDA3MzA3MjQ5MDExNw%3D%3D&google_push=AXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJqx1b2eDg8V4eM6X21vc7LYuZZYoExzT-N-
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMTIxNzIzMDMwMDA3MzA3MjQ5MDExNw%3D%3D&google_push=AXcoOmRXQ8YfTL0Q2Sj3pVBslEWyJ1VucPCj3m29tnX4-4IKyFTzwkp20U4r3zleYyGEqJqx1b2eDg8V4eM6X21vc7LYuZZYoExzT-N-
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Sun, 12 Nov 2023 17:23:03 GMT
pixel
cm.g.doubleclick.net/ Frame DEA0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJTsvlIl1sSO2Ch-r5mcf1M&google_cver=1&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7X...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7XGhbPdkxqN&google_hm=eS1fODFQMkM5RTJwR2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7XGhbPdkxqN&google_hm=eS1fODFQMkM5RTJwR2FZZ1JUWEVsekh4RnVnRGRZdE40Yn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTa67EuumQbxfVGBB25A515CHKbPgPWC2CLTzNSuCWt3hG86zp8HXvQNmAL9i9gkSlljzxRb55dQ2zN-4hxjNJHc7XGhbPdkxqN&google_hm=eS1fODFQMkM5RTJwR2FZZ1JUWEVsekh4RnVnRGRZdE40Yn5B
content-length
0
sync
x.bidswitch.net/ Frame DEA0 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDImyksvcd-Pvdc-5BRkGZE&google_cver=1&google_push=AXcoOmSW7YQY2zMh1DpQUPIQ-g7G3sKdf2tWXWGvXrxBRJD8lKXO8AUnUV5gC8FUq2ls2BtJZ3K18MZWlZZVOXHhkoSmAq2LqwzBKv9q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.104.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DEA0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHdctPb_yB56ODG0r39R1sA&google_cver=1&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLX...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHdctPb_yB56ODG0r39R1sA&google_cver=1&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDcwMDkyMjkxMDMwNTYyNQ&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEti...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDcwMDkyMjkxMDMwNTYyNQ&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLXO7Jqsv5H5oYFvV2P0PHV4BEI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDcwMDkyMjkxMDMwNTYyNQ&google_push=AXcoOmQdyPHkwiHsL8IJW2ToHgo7979Rp_DAkIv0elwW4Ai1I2pUya-VCmJ6wompUTPUuwn3TCbEtiLXO7Jqsv5H5oYFvV2P0PHV4BEI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame DEA0 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame DEA0 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrtz0vsAUUahOIVeox6rtuvqja0DhHwGL8IX2qI-qrAlW5uLpI5fOol0SWrJh1_7bCgbCzgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame F35E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CE7D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Nov 2023 05:44:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame CE7D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:18:50 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame CE7D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:06:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CE7D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E7A2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA1E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 72A9 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lovquuep&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 72A9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 05 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Nov 2024 22:32:49 GMT
file.mp4
r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 72A9
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/034CD48C639B64803666B208F97CD39AF9902C64.762B46C76E6C4479F7404E84F476B797CB97DAFF/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809637/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
HTTP/1.1
Server
2a00:1450:4009:34::6 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
854385
Last-Modified
Fri, 11 Aug 2023 14:00:33 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 12 Nov 2023 17:23:03 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/034CD48C639B64803666B208F97CD39AF9902C64.762B46C76E6C4479F7404E84F476B797CB97DAFF/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809637/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 72A9 		453 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9340358673009042
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Sun, 12 Nov 2023 18:13:02 GMT
csi
csi.gstatic.com/ Frame 72A9 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lovquujt&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.28j~atrd.28v~videopreviewvisible.293&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lovquubo&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A21F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 05 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Nov 2024 22:32:49 GMT
file.mp4
r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A21F
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/22608D61CDDEF25F03735E409610684022E6E2D7.29D8F01165B12FB4982E32CDD0F91BC1D549EC23/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809411/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
HTTP/1.1
Server
2a00:1450:4009:34::6 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
854385
Last-Modified
Fri, 11 Aug 2023 14:00:33 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 12 Nov 2023 17:23:03 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/22608D61CDDEF25F03735E409610684022E6E2D7.29D8F01165B12FB4982E32CDD0F91BC1D549EC23/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809411/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lovquuld&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2ab~videopreviewvisible.2ak&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5D3F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDh4GvWVwMsRIrIMs57cRko&google_cver=1&google_push=AXcoOmTG-uDUfDZXVIFBSiRaUyvxUhOOHrhKJ0xra04vgtqVw0XHqGIQyWGYZxpak8Tv5FgHJiV2cT_GcxsQrpu8i1ocBAK2SgbQZQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyNTE2NTI5NjgzNTIzNTg4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D3F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEXacHXxkxLHQQtxbabLQsw&google_push=AXcoOmTMUHJK5gJTDQ-L4728FAvBv5fpXt8qnXTrlLfQNtU2AAIQOl1G3U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEXacHXxkxLHQQtxbabLQsw&google_push=AXcoOmTMUHJK5gJTDQ-L4728FAvBv5fpXt8qnXTrlLfQNtU2AAIQOl1G3UBR55xWsYe7LCa0I4YPjTJTS9iOZKJbS5K31jYy18QNv3o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-man4145-MAN
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1699809783.996395,VS0,VE81
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEXacHXxkxLHQQtxbabLQsw&google_push=AXcoOmTMUHJK5gJTDQ-L4728FAvBv5fpXt8qnXTrlLfQNtU2AAIQOl1G3UBR55xWsYe7LCa0I4YPjTJTS9iOZKJbS5K31jYy18QNv3o
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5D3F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECKWuur8zkSQGxCRjIvt0f4&google_cver=1&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJwYYjdVul4sr-0F31g0UOdPcU&google_hm=XK7MlveDQJeJfQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJwYYjdVul4sr-0F31g0UOdPcU&google_hm=XK7MlveDQJeJfQFf0sBT2mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQXmwbG23povFOk9MA0VFKHHIQIdIZIFTAcPDNK8TBN-IZv43_i2snVP8ARAfc-jgclZNF7cpJwYYjdVul4sr-0F31g0UOdPcU&google_hm=XK7MlveDQJeJfQFf0sBT2mg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D3F
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTgv19B36kuzibVBnqHE2ghQBJSHt34RqguzcMSDDw0tvEyWxCHtES5p2VtjJu0Bv5BL0Hokta3RS9oOoBsmtCCPKzsUrCxTg&google_gid=CAESEAlEgW97ZThwCMgzqPPmqhs&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPeTxKoGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWGNvT21UZ3YxOUIzNmt1emliVkJucUhFMmdoUUJKU0h0MzRScWd1emNNU0REdzB0dkV5V3hDSHRFUzVwMlZ0akp1MEJ2NUJMMEhva3RhM1JTOW9Pb0...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTFF3Ukd4VDVfX3RHUHJOSkZlWlpsU0NubUR4RmY4bEJCN2NCMzF3OVI5WQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTFF3Ukd4VDVfX3RHUHJOSkZlWlpsU0NubUR4RmY4bEJCN2NCMzF3OVI5WQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTFF3Ukd4VDVfX3RHUHJOSkZlWlpsU0NubUR4RmY4bEJCN2NCMzF3OVI5WQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 5D3F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFX-c0Kw-cGwPERxdM1qg_Y&google_cver=1&google_push=AXcoOmRgTCVJRMxiQ-COfGSgFzmcDi8qOYwjUbNjrOQ4bD4OTHlTZNpOC7AVLOrajAN0lYusa199ohLvhqL_DqbCBNomhbFPMnf_PVE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.104.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 5D3F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmu_SX0ugYw3cnhKyjJVoW7BfFnViNg8tdNRQb_EdSXQZ-JD4vxG3DhBN7vkDYdnuinyao0032JhBA7RvXrjKg4h_78pW-eqQ&google_gid=CAESEEBrXzfTqykk3hshMVBAtLk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
339748
expires
Sun, 12 Nov 2023 00:00:00 GMT
report
sync.teads.tv/um/ Frame 5D3F
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENpVh8_Au_Tz...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQR4YP_xXUbN2LjuaJm4b5zVOTZ533K5n4OtBNFjoh-x-BepzXbN9xSZSeFXtVHQaIDZ34ClKp8QoCvWmQENyN9R-aoNE-0kjk
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5D3F 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kx9PEybgHTiYiTIKE_nglDj2MpnepnOMvzjDHF8gxTf5T8kyFmTXegMzjfig8oCm7923dJ2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=1310109945&pi=t.aa~a.1636119351~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90&nras=6&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E6E2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2EC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDYs_dyCM2FmSaHEkl72QS4&google_push=AXcoOmT_5ZOSbiJrPW-MmOR_TBqwAbjh9D-dok6YW_F-5dlXmVPNBBU32X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDYs_dyCM2FmSaHEkl72QS4&google_push=AXcoOmT_5ZOSbiJrPW-MmOR_TBqwAbjh9D-dok6YW_F-5dlXmVPNBBU32XT7gP10vmy3RNTNxU4xkeXy6_V_K6u02vKbDqxg3JSDGA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-man4145-MAN
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1699809783.996403,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDYs_dyCM2FmSaHEkl72QS4&google_push=AXcoOmT_5ZOSbiJrPW-MmOR_TBqwAbjh9D-dok6YW_F-5dlXmVPNBBU32XT7gP10vmy3RNTNxU4xkeXy6_V_K6u02vKbDqxg3JSDGA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 2EC3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ-F-P6ob56Lan7jLiQTXaI&google_cver=1&google_push=AXcoOmQGnqB_2PhrGgSu7mhg6FNZnbzCQvIeQ-iV8w6uHBJ_wXVCrVl-xcJsNE5XLLT6-weM1JU7awyEAyH1YPjOfLg770jr7j8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2EC3 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIObmmCSjqJKI70mTUJizlI&google_cver=1&google_push=AXcoOmR2w6_cf2xXDJYeMCrA2uHJCnV0lWCWqgj446ANX50XfY4TLvp1Qj6H-e7pyZ1tLYEpFblkHtspISJ3ZY6ZfVNBj5jCLN8yxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 2EC3 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFjumx7IGkjplgPN1C_2ASc&google_cver=1&google_push=AXcoOmQ0jhvtGN6v7TrLXwHE84XjmYWz7Rv0rXTL9zzH44AcZeaCKNyv_ESPHugpyjwzqyn98F-iS-ncGdnLyYTpkaRWcNK82qrmpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.104.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2EC3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBz...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBzpU8n96abHzH3yzte1BEHJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmR79Z88Tr1QpH8NaI1tPcXkyBZR74qrN2h4v0rC4sKuBViIzpSgDAZ9OyEqGA2Y0SBZeVLSDjBzpU8n96abHzH3yzte1BEHJA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 2EC3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTXzw73TRtmiDH0rtzbtENy2UhK3hHzxwhTKstHsOKtFUopPD6caGgHgDn5oGYD1eXJRtxna1H-5rCGt1b6lfxTiOfWs1J0vg&google_gid=CAESEHgKlCpfj54BJ1HYp_bC-04&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
332313
expires
Sun, 12 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2EC3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQF...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKFd0v4pxrcVAxxrHixKGA8&google_cver=1&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgxMjM2NzE1MDMzMjgzNDAzNg&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgxMjM2NzE1MDMzMjgzNDAzNg&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQFkNUHc7_eUM7NkW4WUDnxpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgxMjM2NzE1MDMzMjgzNDAzNg&google_push=AXcoOmSoyuvD5lnyttsb9FD3OSTxVDvshDvtk3fv3JVCNoxCfAeXct1VtG4CZ5DxMFbmblH9TwYcQNQFkNUHc7_eUM7NkW4WUDnxpg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2EC3 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVh6GQVokD71nLGyRp5jMd9glvEEtKGHOGDCT4vVEwqkgwdtsCjqMQtaMed2ssohlz6gO6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 41CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucqKH6lye8GchdRcLw5CqfNLPhaB7QdDVEA1ZNffbWe1PsBjDStdgJYTV-tP0jo1aigD-dajFoh8UeSqmQaxdA8lauv5vuzNkQg_Osz_-G6mnK-Ta9sPSGDuFz30OWmvqH-9roR2eUJBqhDEiYideRJcerQZjigAHTK3jqmDkPpWnKL6AJvD7e1rQB_1pnSlIt1g-7rqXNx5sV3yZR1oYZZLTnJCe8R8unicGpLvRzPJEbrpasJ12Ax6AgV_okyLVMnp9HKS7hCvt6n42P-vIitaovARXYDo1Z6jEXm1zW-m_aUjRmtfcs0iFbRsLs_LzPQLSw3_CP8SXR2pQgyoMtRFrRqWHbosEDcvv_ucIAFvF8tzDMX0oUVo2Fl8BKVxpyt3Zhd0YzkToHFIU3ZZLfAsXl5jROdRXnl0fW1koJPfAqsKn28htcjlQ_VLOqH5rt3StyNca7IvIhsP0l_-2Uz9Gi7y1aQ6zoAoujlnBq_wEzB0XpwzBQv7wGkigM_n7jlnk6e28N5itTV2qyFBI5S2KHzbEmMAXvf1kpux3iJqsP17vq7WygvVoiWVOtHd-ka0KaI7W3nZhpxJFmqg_3swe9GtrpRP31HmXhqtBVH6cd7EfOfYrCVkWid2q2bDQX7_KBWPCClT1WncOngdw2c8WCPLN0pEeQIj0J72UHFIMmRZHdWRQEOwqtCgRBFpQLCgjrHGPpadXmQyBeHgThiBRTZZ1qQyT2EtMw9BAtkWPtVOctQfvox-hZNEg5faNcTF2kNlmDMjOFRm5JGhcIrg7f8ofjWborMuYhyfqpkHF-MzJaxVCpI0d1mcLGMXHtq7SxoFHTQKfOmMrM0mejgdnhTY1fPP9nKaMmEqcqFLkry-Zeu5BGDrDmnFsumQuaWmIudjKCuYCxlETBMBV5Hf6kX67i1oulJ7ZFl79I2CFsDBvlCQsiyELbgpFq5HwBiujGaYM3VkrUpXnJoKdeJ4_0FhA2jfcVdsgzvOMycfx3xYjomr5tilcugGKsh9R33Wil05CAV5nn7hVotlINOKPU-5Swlx3kChmRdtMJKlMME_H4A0JlJICwGvT9d7Nkjo7Ta6-_eVvcZetIGsmNMBHbO-ud4HeCC1SlHFrr9KbGNElGxgn7N3ezUuF98Yxs32xBKRCgmbnjBBjfTRRM2-lZPgFXaq-2s3qnuV77RdLQnBTyOSU21U0fYriRuy6RbpzI9Y-nCVc8lMl8jUb8i9coGFtM6u70ZraICuHJkapKj5PlMSIyxk1T9kO5KNq5F1n4lRtOroNHgtRl1AZQuHj6OG-Z_wfLKq7ZWWcfF0rTHIiVS5VgE-KostEHsJqRpriLrlHUP-4LXTTMSJZko-xy8Df6fAku0xfzAJqI_hedzcNimjqhTq2TNkVJs5sZjEx3DCGJit1l1ivDyMCHy-EUgX-x&sai=AMfl-YTzWQVjY4vNALdeFokpcwdIkj-FXYR_MWDjK_c4itKYLwLrpbtHpu90TEms9Lw-JtNQ0xAOTUh2syGk2uSNc_Te3uZXmkLNVUazEM22LiuA8Ya-DqMwzmmQ1kTU72wWFatBOZdYhBG_DIBUWkiGklVrZNDKE1ymq00APnfCjpWamSIL-B7e5xg8UbcXVTayzjXG3_ybQfiuwWaSOhwEQd7FHB-zQEWRS9aBmgLJc2Vu6pOzJ_YIZx5TS75S665xg9r88Qn6L9pJ-3-fyW7Cfx-djU0t8Ok8eJSY3bacMgm6AmCf8pkr9XLm8qZKNR7ooAxThIR5Gplu445udPec4a83VMEQJxuqYk0-xXBs_fmYvwm3vyMA6VIAUdIh_p2tcto5-Gj1MkxiRwIqISBsNRXn_c0I&sig=Cg0ArKJSzH-7oGS5m9MVEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=456&vt=11&dtpt=455&dett=2&cstd=0&cisv=r20231106.99694&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=90&adk=3292332493&adf=4221565707&pi=t.aa~a.2287857721~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x90&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280&nras=5&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame F35E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu1%2BSmAxASm0nhwVdKCDK7QeiSQx%2FLC4zGbKdSMSODmkZV7UzDslU%2Bve3ADo9muNagq09oHB4E7A5w5Rm%2Bcdec5gri4ouBE%2F%2FnxEjNSKTliopL5RU3VMk9srCwPRJwB2u6jJEQcocXF5Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e7fd496ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F35E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=del5roeFBLsqPACdANqUe%2BXNlRT%2BqX2%2BGYdCqE89p01gCbQVyAbmcnJz%2Fktv7OCM6mpOig8T9ScatEFA6QU4m22Q4f0u37Ej1QrF29mR%2FtQcNN61l%2FQgShFcyU%2BAZJ4zV5R358PSeMEL4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e8df326ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F35E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
an-x-request-uuid
1f1ed7da-c18a-49d3-9649-baf9b1d27a5d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F35E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ5c_NARi5ir_8ATAB&v=APEucNVNkyx21Jhczj1clX0dcZgJ5vsTXXBR7cM_lkHADDYOne3spfvGyUA654AUJHcDo7btBL3zh5byQCcwN0m35y66jqkqfsWC2VaaOI2p3py_aAGb3t8Gmic1sU77ieqlGvnASnlFroHhIsWJQ3LIknQ0EM-WQ9cVn780V6VXarPQbCkdBdA
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
an-x-request-uuid
7cc1c9a2-0b71-4779-bc24-2fa38ad4d067
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1315 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f866f4e0712a9c8d4a0113381fcc5dc95462e94db30652a5cefd56b3a7091671

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/5198436223828957249/ Frame C2C2 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
859a6f67969de5163d8a634a415b5b21bef92eae03968b0825ac1d099eaec920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
278331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5011
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 12:04:12 GMT
expires
Fri, 08 Nov 2024 12:04:12 GMT
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3WxiXr2QSyjoy6UDyPvWYEWMTTB7mN28bLkoFJdO5gVarzWXF6T0slB4C61pSK_ZwNKUzD3eLSuFQSvqV86U8mXYtuOZ7ks54XQ-qOcEurMg5MJi2Ykta34Ok3hn2d-S5dntP92mttk24MyHsZBryv-ClPS3-EAcG4QT6TjbpZBJffEOpZARovQK9XNiSggT5b9r2TRp_ihIPGOiifc6WwN7jyAZljgOlhOFryXrMycZQ0NlA6aTQCKptusBwKlbd6X4ujZ7L_RCPXwSlASWTlRt_pqY_NqnYycEs297EjQ38ZTt4WhChSMPMxTnbrTcucALGrYx8hN5vSWmKDt3JgZaGhSJv8j3sYDJF33yneNglYX_5emL7HspC88tGJyGTBjKiXx4fIuH9GzUPnt7R1OAebhq1mbPVtGyTnlGSBIqIZwOaVRhU_GlXYPntfiYVdyDME_-xkf254uzFGfB1IjF9L3-E1w1x2p9is3rZdNTCwGa3lCo-wZku9IxAsEGupoqbbiROvc1fpx9iyIERS8TDEFsa66LuE7gOYB0FuU7AQWPMBnA1wtdlJTMSo7ZobZXU3DQVic0FXRMLUGPpb5hYVB3R5Ow5WW8p1IY8Z_YwLO1agcwUqHf0fOMLNOVTHSYKNqlOT9NdwbYtFZfPi956aeYxwYfjh_kfXl9d3CaOetkaIRdSNo928fNEzvJcqbM7Ss50OrJs8XpnS6x4RdaPOCR7fbcF7HSHPqoPKnkhIWTdUoBzETteMHVX3s0-vFZMtgBMR_be54shbu2dHyAv7NlB0LiMgKKSlRS-SqXGGLzg4oD57xpGuEi0xVFv1D99aqjteMecSKTv6T-L2K2bp-RBV-PZ3OLr-a7C-b-eULRexaOEfpfBAyfQdeZcFvyFepN-helOw5YedNLS6Xo7AxWbjNQ_cBQyKepPvlil7REDwf7zht6fWW_7qZ3iMNvfsk0KsrNJNMxWh1UuXcwrTAWY9XfyFiIO_T9S91lV7FAr8nwWWdPg2gF0ldohE9oRl8ExNrf9ObuQ1dKedZA91XE31C4O2uq7I50Y-TnUrjEMKk9Ck5Yh_GK8467w9V-UPHUZ-3Yv1VZL5f2Zx2x3JsFga4O7nLKt3kNGexboXOogWIxTtiS-Ik5VdTQK0na_wwF7tjitRDs00LSrB8j3IPjHqjlklAW4gkcR2aUNauKqWV4fSY_NVhaPXR1atDmWvOT2khVjjBqMcWrXyBHyAGmvwHBk88HwIt-NyJ4WUt_SBXzmfhcbq8pWyhBu3tl1L6-bIqsdIJsk2NSFebsmT3ZwCneC0I_NtZkDd662XAHYnRtkV8guOYoEHkf2vdOn2_KQaI-vP6f5ifQINyQZXTOeeNDqnrGCY_8-GHmyACezUC7an6j3OqwHrtl6X9I8igxcDXGa2vPaDXTh19268ZbJPGC8zxAzDaBNsJk-knnl4-5g3LL-tPRoJ9z1uQ&sai=AMfl-YSe2RFYx4gtRXI7tttvp6wO1-kn5owvePBOKrXBXpSzXnh1Hn9e1SPJ7TU8ZC9TtgQx7JuQR5VoCPevJXG3wSy0zFbTYfC3i6KtoPd_r5TYHJ-7JZomehghOeuop-eVawTfxTiG2X6bbT0FQ0G58eE2wjkl_1v5VFsmqNekvUxP5W4qRu6cyYsrxDfdnrNBBTtcy6iaR3FfUHiSlnmSQcgaz2WZGeLwJhuoUmkzFqO6AnsigW5dvI7Z9qU9KAgB08oI2wW0BMG0w7JuiAUv2HIT8W6vI9v8coJP-up2VGsdEXRXL2PgX2JecafiCrm-IP0wG2iUPeH_9z1VK17JheY7cwyDVKMOgIcEeWl1KFXjSAaz9kvD9inWE1SbahanGlkEuyQn3vmRSkovdVUJpFvA&sig=Cg0ArKJSzEhliG3tqCofEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=429&cbvp=1&cstd=426&cisv=r20231106.84256&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 946F 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:23:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 19B1 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Nov 2023 05:44:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 19B1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
75853
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:18:50 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 19B1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76583
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:06:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 19B1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 19B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 10:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
26431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 10:02:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB4B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 19B1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
76839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame 19B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReosgIXWgzIl17T5937Er2YvYZqynImFXAc7car7WWWN6e9QPrqR2BrsG6NSry02k4A_dLtrzNgcKioYWLzPX0a0XCjg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19B1 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:23:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 19B1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1QDVy-1TqVJgwpKyWD0aeDmM8PibS8ZrPzt2a1Acut0CyRhtfZ0zWO3jyzU6cOWncqXvAMcn_FWWn2aYYJySe58dWSGFA22pdWenzv3e-keaTJd0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 023B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwRopolosbk8oPLPfBCLJjLPaG1T3OTx1OmqQy9bdjvv0FU-KJVlc_74ILuZpJ7Ms5c1NET2l6RWjm-rIf4n7rNGi76teK-L1gQHrVkZSKQFQtKIEkHHoZrpzIMEDaRkDU244l2JIhDPf5RVknAGSeXE4qPheh4m-XYYDISVA_TcLeGUB-MBiljzHdL9a_tQKuRgwomWMgbFtHRsSLHDXaJLpUdeC0kivk9D_b5aGUsSkMn25gI-aVBuis-hzYe_VrvKvvoG7eZupeOISoO3QLVYSyoN_QCW5f30YouHivWt83Fk3R9pI6nCXNsp7Gprv8eb3UGdHapPCvMwe5NOn7zRprUKtaai7rKj9UaJ_sVs2nEdpmdMVBcuBCm6Am1nTVdtbRfzyC1LxNP8RSQtaclel2msaUA7Zhxk7EG9ceq-OW3mEWbyewMeu4yVneHKUTCqMj8OYb4BRTRQJgSkC4vWuD9iSKahwnD5uyZjWNcGad-q9SqD6ZxzEKLObIPNa5k34yIPLjnR8iu8E0GNM7-geeKqGXEO7ixzVF4ewsR19V-hpzdSV5jUhg6k2YVyuD3VBaMu85ctLN0hEIXKElC-MD6Edvy5SKdTNfhjJMj6mEOJ-G4g0464oiOfc-36ojKmIr4uRT9qogZiuJ1hWZdzI0FPmp6TApkqDix6snLtjvgs_80YXWz4Mn9tWSVqvnLK-49A2wfVevZS_8zci08a976YpAvg2xF9mnY78-Kqrp2WSMoLNSQZ_K4UTAqhG-ZyQfGbU3OKwLt4EpgPDRwkgn8tcIFYajW9bzzKKFa2LQFBy_tXAEF46qajMFmulXxql66I9v8Ck4LMlWzv9_tioR_8D_RcpYFOXMr0UeX1KDllimE5mYb5HDfd_e3b7UHnqhgIMSZyP608icFWfjVKOvEMIcEhxv4F-0qBjZc3GAMX1LrKMq5EoE_Ly17lFSSzb8ENSJluzEmrxe-xc_fNaDfKV_roLG0t9QE7W_4zUZmGz30xOQmjXofOZKQ2H_Svx-Feza-KHdSwg4wfAZTb6MT8piKwGtRgomPiwqfnb5BYRpNtDSPlXvVM1fINmwIqT6CYoOT14Ai4JmuDI-msfjXNkWXKa0nfJ6ZvNaJdhs4olrfFwgXUdr-A_Wak5Q6qmMPYb3Cd7GMLk9zSt6ivLvP2MrJaGPo_RUfa5lpGZXVO0--zHmZcEWQqgI1U4XHXF_hJALG5BjJgNj0OsyzhG_eju76fM-CN0HHNd6EfizZy8cgaSnJ7wXRYLrldSBGzfik8ryO04fGQ4q94ShcquwvQg6roL3m_m2SXBakMzyXQ1u2fMDHdEC3-b85O1ao2TrCYkm2Q91p83AeJdIctvMVTHXPzwrjVTtYtMgt_e08cDCeiz48nnlVVnLGWmBWOyEjnNrR-4YKA5jNuFj8Y0c8HpDu4BJtAEfNgqqY3h2GXzKY4oHdEGn7v7ghXck&sai=AMfl-YRrlSC6mlU9yYLiRXEIrUKDjESVTqPhxXsrm76osq3Q_ZlC6V2udJksB0kmhLiSjG8eb2-EqvUvu0sfbMrJYp7bfMgm1b5hiTwAvi-EuS2B43KRZEeyUEfjOm7cLKw_H-0j_pDRVcZQZuit3XKgyGoY8AksrdPkZj3MHWPL2LcxZsJd8im_urU66R3ETV6f-mK_fUBuCJXpAIkxBQLQlP61WDc2sSYlT_1g9iTwzcW1JGjirRSwKVNa67vwALiHSsy_Ov2F0MEldY47PnmPNdO8YkqVVg342FxzdXPqGuzS-sOff9qxZySHqRUKLFK8Ec5kgASYELGB6Io-t6_Ns1GIcEH_M2aIvYINy4HzzecUl6C8G_-6VXmBcyAX_oNYGy8X_RuHRjBmKxP9O37WZ0_n&sig=Cg0ArKJSzCpPbqT6vcalEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=410&vt=11&dtpt=409&dett=2&cstd=0&cisv=r20231106.34173&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=2968649303&pi=t.aa~a.2016010881~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280&nras=2&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1CD0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
truncated
/ Frame CE7D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a4a4183661fb6b71d68caa308f109d17194642c3bd3b5c661b46d21f0ad889

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6356 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15708326562664437723/ Frame 850C 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9141d5d16717af6987fb2a65da7a1fb2bb46806f3eed523f1f8cb92ce2f420b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
278326
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5073
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 12:04:17 GMT
expires
Fri, 08 Nov 2024 12:04:17 GMT
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CE7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspQcp4ThFqFQnM7CWjKUiFEPoQUOxAl1JqAk4Ffjl_UX_2tn69-Ves5x4T6EY8cUpMreoym9W0p-Bn-yPSj67_mEIAdhjbp_B5wkGurgk8Mqijp_gsp1lIUHbt5b1pwzk81Z0Ys_oeu_hmJ9jyQE_Wn3BL9vOQ6vJAvwMuumsHdEKqkTqIeISEjQP-pBxMeW9v-8NrWmE534KUKmlKUnKTb41PfUGcLj7qDU_iavKByS0SztJBbvMWD7QvGB_0swDdmUNKraoUGoehydw4o1SU16oXB3-14PzAzXYMp-qGck0YtnImR2IOkT5e4psFAFCuZ9n1F9WUPzSFzU1LVhyB7WMTYl4V3uCiY6MogPWNaVRyr1exmfwWEDIiMK-RMtoPqsecn0w8TT7cTiDrxdf7x6vFk_5wDdktk9RnNAu7yGJjUojjfxuMV1L_v7Iwe8r2_FjKn9WhvLntXWtEQ6SHjumiCewnATTU6U48xkn3K5C9MCuaN1vgoQjK_fgjBtnxqjULagIflT7aZKJJTagBmKea1hlLjqI_w07NfjMjF7uNCu2QcwfbOaCTN8ZqscXn3qjHzfEytdgDhEQcZBFwMfDEUltu-SS95YNnHxCqDrX4yemGP6ywp5SKAQJZ9pqpghkPL69jyezKeg7yCGa5K55Y3bkXFvmSJ6qYHkoOmjfW0B-WGtE7BHR5Pt8dc991nUmqEbWZecu6PH2t6ohkusnY7tj6n5fYtmVvX8i10r61e_QeAmVY4dIvwk56Kkobm4FjeRvn7-rfXc7mN6_CW8zUXV2DweG5HhtGxHLuGJWswRZ-9ABynS0DIosuCvDE8ZevvUGG-A4zRGJaZpUhhkAjrq6hE-Tk4w83zIuFY0edFRuyniunSglbjBpnQSZR9Nn-ZC80JSj0qsDwkPgEFuiL10q8OYcXzR2Zqez7PINUVIRdyQHa8nV4PQoeoiqjMXcbFlHDe78Q-dPC1b4lA7Tc50UcNvhgOgyubXwEkVwtB5FnD_HorQPdK42kms3Xm9pleuBUF7IxPB9H04f_JsamH2kd0cBEDwwg4teaEw9PwBsrub18BiFfynuPNsreiLy0KyL5QsXUN8wGhAVe3B4f_MpCSQtMCQqAcxtv0S_YLPaQg8Uedimth8eCwMYNzp9oXICI8UG7KAHIU2gZbPWFhkLGfgd_mZNLefjn5QdgwNZNdRQfh8B-dA5KIHm46ydoIm9PpUsjWCdagTaFY2VkGAZCSl3oVFZWSvTTEktS93tY1f8Z7uIpnmcxvPCL19_xWSHbPS9oNog_YLadiatXfa-jZlY5IGD7N8t5Is6Topt-ozlypAL4DHjpP_ZPtIUKXeW1k7OCpCzyx3QoJ8hd4OjK96y3r-DBKRKjKRIHxGfbFiyfzIX2VNgnK80sk-sssL0FyxCivy0SLvuAN7qzOcyTWn9GMraTZuNDntMAs4TpkrV5IvhUwwoKWOwbXu4cSbA&sai=AMfl-YSyfnM4VFXfEIzcUvMQMmPfEb9K8dqSypLbK3WUBtjebQ5_kpZjkj4UiT4UEQctcbv2koidqt9uDQz05X9GIcLeEAGQWZoefMER7JNx-ujrW8CVdryZuouVHp92enLkNjyZKNAPx2-k9JEpJFxW6qhQS8JR8R6h_ZODzwFBa4NvTEyqa1bEMWG214QtlSz-5OaoS26iSqSFlzNAZLo_2FPSCuVQ6g5IjlaZbFyuI6km5YWZC7bvNcm6rI88JxW7H3l5QDgAO5mX98_kvjvl4wbebZKrfb8Sg8W1nX-FRMCIxd7T11xtYy5jryTWkJpmagT8bNdFAkbHUVjRDu_zVi6yLAypMouBm3RQMVDKu_wt_p5sb-w8XddLBNqZCoaNGu7-2I3ANQLKOsYU_Ne3wfwO&sig=Cg0ArKJSzBBdGMjMomw6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=355&cbvp=1&cstd=352&cisv=r20231106.28036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
f271f4a4af27a770a4a4665d5f27c398.js
s0.2mdn.net/sadbundle/5198436223828957249/ Frame C2C2 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/f271f4a4af27a770a4a4665d5f27c398.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f432344f23b093067ffbc631fc546bfca646bf05f4df5073289d47976d86d855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 08 Nov 2023 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34731
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 11:57:40 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BA1E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBh5JbkVRJq82GoyLxGM25Y&google_cver=1&google_push=AXcoOmTS3DlDJz0Ah8edEVhlBHOs9S1kSVrjPjvu2oPbi65XrUwl37L6jcDE22HmWHWoXItn0IH-E684UmL2eTQH-m-zT9P437FgAg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU5NzIyMjg5MDg3MzE2MzgyMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame BA1E 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDhNNLun8sslUoFTQU6pH8E&google_cver=1&google_push=AXcoOmSqcnltHB0IQN3S5a8sUCXVw_84X3c3fMTVCsXM5s9-xDQMhcpByixTwEPhahrew8Ks_qpDoWqVPM9ogiM7wUbGHrioVcnWYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame BA1E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1...
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H2
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
825075eafca77457-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
79
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENWLfSc0qA_JOD9qo1pPGQc&google_cver=1&google_push=AXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQN9I2ADfTGEB0dZdGMfVdfHeUUN4ySuDuZ8LXyjn4CsXgXXg32XePOha-dgOn5W0EcVKI4fSOU7m3V-yOh1Fo4KOcNJr1z-w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
825075e97b2a7457-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA1E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEI-owFBKNII7GSorIpu_-8I&google_cver=1&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW35n0Vh6aey0xSY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1DCA0E3E62DC4DF08A7134F72E276ADC&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1DCA0E3E62DC4DF08A7134F72E276ADC&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW35n0Vh6aey0xSY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1DCA0E3E62DC4DF08A7134F72E276ADC&google_push=AXcoOmTJvNwrcdB0cuh9CO72CR2nWc33TaTp4z5VLKxISJBc9haoigZuc7kaiPiDmHxHlaMxQ432NtYSVKnaOW35n0Vh6aey0xSY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Nov 2023 17:23:03 GMT
pixel
cm.g.doubleclick.net/ Frame BA1E
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKg_fvzjFxm7eRPFDP0JKRI&google_cver=1&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w&google_hm=Q0FFU0VLZ19mdnpqRnh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w&google_hm=Q0FFU0VLZ19mdnpqRnhtN2VSUEZEUDBKS1JJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:23:03 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRZjpqSyHPXBWK7ZWesoF20VBm3E_AIqddsTID7jJlI6d_gHJgKViIrvnojeXK7ypUG5toa7nN-QiJPdI61Ed6xTFyFQVZJ8w&google_hm=Q0FFU0VLZ19mdnpqRnhtN2VSUEZEUDBKS1JJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
x.bidswitch.net/ Frame BA1E 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKg7o-QUbiLgx8Dpti3DhV4&google_cver=1&google_push=AXcoOmQVAZ3zkyRrGfyGlXXk9wEmMk0P3eKoYbUQ3B6j6WTVAYdIPf4hR48QLHj7nwg9NagiRILZGIRGFTYuabiZP3U0Gvph892P3Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.104.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
report
sync.teads.tv/um/ Frame BA1E
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMmwg3X6vP1N...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTiW1pgdY3q_ZbX2KpaKeO65q0ITCj_AH8HnXuKqVizX_lViH5E4o2mzzhaTbtAM7pviJhEMpJvnkJY_GjkZv_SDwvEL-pa7-g
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BA1E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KznLvZ-kiooKmtBbh2Va5KOmznPG2T6qUjhx24elUNxtZarH0xV3aJmwxM4i8EuOJ8TFprbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=60&adk=4175158846&adf=634050667&pi=t.aa~a.2016015926~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x60&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2756&idt=1&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600%2C820x280%2C820x90%2C820x90&nras=7&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 023B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43f3906be65c9a5aaadfc9035d0aa0a050d1bf44ba959a8862add5a4b540448d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 423E 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
308092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 03:48:11 GMT
expires
Fri, 08 Nov 2024 03:48:11 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 72A9 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lovquukg&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 946F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cLV2311t%2FuA0kdAuKOWIzgQom2%2FyzGmpmx2LM8%2FVE2W%2Bh8ZF8tINn5cVfpVvIKWBf0Nxt1fbWHLqK7dVMbfQrCPjZxQ%2BAofcmDM01sIsPeh76iAZDvasKHQeERXYCMKwlDpvYiP2t8gTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075e9686c6ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 946F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEJ9swyHxMu3YfBT7xuSQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmmRkY457PFU4eYLW%2FYA1KGKMcw6VxQpif%2BXa59j8KR8ZgXaGr09phKF1eiUcby1TD5VrWBXEU0VYxXRocR%2FjFyOk3XtPZKl1okQPOeJu%2BTbPKZWfImyhC0US9xc9L2iF7dQQ4Y06djFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825075ea39ba6ab5-MAN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRRXmArRqoBswHm9uOfJdA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 946F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
an-x-request-uuid
3e321373-40f1-47dc-9716-484d79b84490
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKFw_9aRXdeJFIDsdHmePhk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 946F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO7wAEQiNbHARj5oaD4ATAB&v=APEucNWxI7mV2-TcREieLFv1lxh7VlHYV3cNm5OKicFJNMqotUJfiRgUOEad2mpRwQVV3mo-R6XcsT-2opb0jVJ4wcSR8433OE9qZKvHF3uAatyK0R3qGhjyJ6r-zTiUDj072wysTVkZb0bUizhNiUO0sVwQWurLC-Emqwo0P9f1Di-DeMUSSUw
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
an-x-request-uuid
1459cbcd-8731-462b-9dcb-3f3c837477a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU3NDU4MTAwMDk4OTMwNTEwNg%3D%3D
x-proxy-origin
217.138.196.104; 217.138.196.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A067 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0hDzfrhkqqh4q5yqyEgskqq9SGLovSujB1s1vrMmJr5Lg7LePCKOEJlCaKSsua5OkSgQWONbbdcD1jmfE5hToJ6yfDIAdBOC33cNsbjhrDnQ5f1uPznmq6BMCsdk1H3XAJ-HzlabOReV9_EeRF57PkxCSlJx_N3_mm8RqCI30WqICwaM&cry=1&dbm_d=AKAmf-D9y8KbCpXy0VWz1AOr_78-yuNizID5PfVXtAgmLVk-7GQdZKq6AnCk-kbFkybtFv9U4ixM10nXVw_vz9LOUM1WC2ejvFNQdPRkaASQsNRovIMfrSVYy_-D3SzjDC_njUEk2y33rUHpOHi5k-IYBhL2QeNjjiiHT6LUKNPQU0UVXBMHlyu8sfj2yWYl6GgW0CcAqI82UjI4VJprp3lGpY5LI8KnS3buiqK0MplWCklBqD3SWJtMRFp64sfXN4dJoCCY18HLHLQV8HQVc3i5qIgUjUtiLJ_OegKDoL5wx8FPAxlH192F7mAY7vHQeV_Rov-z6xtmIinccz5J6XWLVFS6OjTl2wMRkHFENpMQp_iw9z41TNg7PLBHBY6KRTmNPRhioAW1AeGFDBjAN5SQW2RmihhrGqhnK_BDvISVNfUn_KNzR3FJbNwjjU4gQgP4fWUU3Cr_Jr85hVsSwq13WAqHXMp0lcGxel4A2E654lynl_b_BCI3PxPkBr2DU1-UfVXrGt2LMoW3Vfs02h83VNKLyCTEQ0hFoPPSlGo0_P_prpm2adQbLL05aTKJAPCQrDMFu2vKLdPcYuaRF-o9Iv2sllWCinzMrJwLXkdaIyroFR3I6OdID9RvHsqm5br31Hnm2x-6OeFDHCaHPQf1NWGe-799Mhdjf4XsJ561JqwsfjrjwiKXNCZHCWg5oulk3cvXwmSWbSuY0Y5o89d9xUvaaU6tyNT-vejuqtTq9py8-aHeiYzvMI8RaJY0JsZYmcEUBbu6K2s4n-vtoFUtd8QGiYA_UB2AkdKtzmkCeNv0Yz-bjXo0oo2DoxP7KzzqhJ4VFQdfPoYDWLzPf6K0o4Xqxtvt835UhNlLEO1k87R-0DkZb01rUVCzc1DeY9m5wvwGPY6ka5D5H3Tw6MFFv-vdB71J7p5dYaVJhCNt9Nj-iI2c3AaDe6LWx_TZuVlnurNVryWbYIxPcLmOJ8ep7aoxXlY77_flKvVhYzzDLcDKsuLHDtvtr0jVeIqE242W5QJDcEoi4eT-IKJpEfo__y_BudiLxoEBhr2o3PQdPCGizFpcZW6SvMDgPiu66LqJaa8ohk8SElFTXZfO3KXPZrimO-VyLQp98SgkbD3ztlLNZsBieWbfMS2BBVFSbQdIxCE7yzaWNGnevwRGikR4ioPfJWXyshkkd_sAv2-a4Rt-cnR-XdzAy65ZD-U2Qr1Py31ORXwK8JUcqG8N17cOjPNc-uYP0tpF0i1uxIGR8C39KX4AqMZd21ZI5PoOl3XR6SRFh2nGIHGXOheA8bqzgoGBTXhniIaq32R6IM9TMtV54VdcA9-trJ6sW5uu2t5SLwftc8MI4Lk0AAsTMhfqM9-F_Zs_etzB6luZGw3Y2qzPummuyJ4iLOcVw3eaPW8DSbVKOWhmZEpczV310zY-s04SWzxpGMsLUWsWqIQaZx8ZSNqEn-JXJBo01mqSio8op3YYseHlnRjOfK4kvLpiM9JQcMA-M6QhinI67QL_vasKOpKjNNenIpNNDMNRdJ73ezWrjWti7gBNgQ1tdiIhwN9eM1KxRkGdFZddIGbBdoq6YjeuZhtDZQ1ZZR6LL3RYa777DQLKnf0ztODhWysTtmjMNEy2nlz5khAZv4tLk3sKK582pVgjK5CzlldrRk3CiI0volci1cvHLFHpIijKN7gGEqmWRYQXdhWCQOxOWixv6zo1h_p8_sCSUgySDYG89mArsVKqEKnzr4Q1b2uGL2PdBvMVuFoHK5kTl9tD0E9g_VaBNKIBvb_ZmOzkQ4vAzNlr2TM3CE0ox_CEgaVaGkpU0El-s1oAGMfz3SyYw3EYbwAjA95BzH3hatU-UufcZRBZUTzlsZisRAQ115liOgmqeY2ljxFRMu6dnRRK8BxOlrbkV_pUIcYtsllvueJ6LZnliJTOrM2XROqcfUtHye5biDTC-2FQsspNlLrn8cNAvBS9OsVA0RwNlGxZ4g_R2dCef0CosgbcFHj_Y6AYp1ezVH_nFV1DzIUTyJTFpXz88mxNDMANAeWzNd7MOEwMyACFZ5z9Vp-8KbdFcP6zXJTSXPZFWt6KFOzyFmpbsqsb7DviR9vJMn_cWRUj8p3Zd7-Wd1ZOHG-4tiOMfBe4HbHpwAg1GqB3tTfJpXey6mfA3bAusf0UBKwgWPsmpltVJwlD1d8rhwS5Kc5lzB0yqWCwtm9dQcT-ZNWfiYcTImcSZFdb0Garos4OJ9tLDv3bzLPdg9jYgv7oV_s1_WolAVvvhEPK-RMmK2EaDzS6SIx-2TLLgKy_Ms0NyVXc_fi3mriylrYS69pG8fDft6ThbbHFPeeYyPJftiKfFCHoIPL5nNwtY5--blgTGK92towJOYRfU5AMTf2nJRbOJDqCU1VoeuRRvozrbcSCdetewzcC-6_H_x6IUeF1eB2fFj6_0xxGexoX_9qPhqM4DUG6tPAiUgubCY3l6xRrahrGjuxdbHWxOvAfIXR6ADcKi2Iu4S4MgoJDX8WOxPKUois8cg5di9ZgF8SdIkr4d9cCC4lD8EM6DEjXZNLgrNgDvd7OOGctHbz8i36fl0mzoSYgJdMIBO3SnLvskubuYozc0l-TR8i8ShH_vNcgpPhm03kvAlKVyI8mZsXKsFSq3S39wSsWJfXVxjm3XjjVIg4qWeNmJv8dPrMHPuWg3-Y0q1L3bQoMKooqIfcStpuOdpR4UWNzR3JEig6L6JfK5cLPFg-rLxQ3AxysrgwfuaCXFIbFI3vOwF9qHMQt_jf-SvobWKFtx9PXMTNBfa6pYmHPg8y74AdKnhGxaURXee149yYQDR3AV-EZ_6HYdUtla560sbhMVbHzCAC5gzeWHMTClpqBC5T0AZ_YMgJCZNJh5Jnwfp6CzExuD379brMKpVPK_MBrQrtuomYU-IWOxNS8JXiBhURqMvvYmKdTHy8zaxuBr-RiiMpsu52yU9sCaM6B1nycWhVjGG-kXodUjT3mWRr4YMAoa3U9iikrvSVfPYQL-tBZ2xD1T3F01X-h1Ctf4WgAC8DcZY3SWMTWKRFxCCgJuFN7feVEvCK5HsdQxp4B7S5CYlag4dgB7379Qs6wlTvzrTE1-m_NDLo-IhdzgTm_wUFx9-BP2o2lOLxA-sQ5UEQmwhsWW2QcBYcGXj37eH8JS3W0kqqLjSSSqmVekb4i92K8xS1UreKLLjwW7en5-NAt-yJ0QoQv0A4OMqWa4WSJ-RK6gWjejislkT0LvSeUaBcG9-7Cpj1fFcM2J0ijmnmpIthnfeFukDlMMjkJoH4SV_lwzA&cid=CAQSPADICaaN93mU5tHWp1zyWeUUitQux34dmBGDplnqxnRWknMudE9tI9eebG9GLzGWfQncVaBhLA6ORCMOthgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Femployeeloginportals.com%2F&ds=l&xdt=1&iif=1&cor=1149050881665707600&adk=1726166460&idt=158&cac=0&dtd=34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
214732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
dvbs_src_internal123.js
cdn.doubleverify.com/ Frame A067 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal123.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=22233753&cmp=30764846&plc=378851769&sid=6848107&dvregion=0&unit=336x280
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 09:32:26 GMT
Server
UploadServer
ETag
"c78e1b8588fb1329342920c4bf68cac1"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19651
Expires
Mon, 11 Nov 2024 17:23:03 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D45B 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
308092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 03:48:11 GMT
expires
Fri, 08 Nov 2024 03:48:11 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E7A2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
f271f4a4af27a770a4a4665d5f27c398.js
s0.2mdn.net/sadbundle/15708326562664437723/ Frame 850C 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/f271f4a4af27a770a4a4665d5f27c398.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f432344f23b093067ffbc631fc546bfca646bf05f4df5073289d47976d86d855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 00:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34731
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 00:11:25 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E6E2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 19B1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=18042488&cmp=30563893&sid=4985444&plc=376401224&num=&adid=&advid=8657649&adsrv=1&btreg=567430266&btadsrv=doubleclick&crt=199456244&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e16cc0dcb6483e969661ee10c7752f3a9462a547b7b78279eac970808921a2da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 13:01:39 GMT
Server
UploadServer
ETag
"69ac7bfdcd7264d785df7a9f26d5066b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Sun, 12 Nov 2023 17:38:03 GMT
index.html
s0.2mdn.net/sadbundle/5652536573653377701/ Frame 5B8C 		55 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182decfd09b5faf8a5bdce5b6069a7e8983511e0e2f256b3da5765aa4d9ab933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
203826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
6616
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 08:45:57 GMT
expires
Sat, 09 Nov 2024 08:45:57 GMT
last-modified
Thu, 21 Sep 2023 12:47:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 19B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss605bWXR3BZ-NYWURYXF7D_VCW4zFBgqEHXxBpGWFp386FOtgVV2AyS7BtEJnzVoit6I3_cE_pJrCXIaR3iZBkQAHmg4AJWBH4qcZPvzj3nnpryl-KK8ioDz05Z5kMGv0ocp_916ArT07mazoL4TYYL-Eomf6EyLrkHIuKnt7Ce7_jjDHf-LqEoJJ0Zg7u2UmtHWvnEqGRU5EZsokgYf71-Ws-7JEbC4fWW2PL7JQBCv97JARPE_jJDTMpzRDYr76scweLhlLl7Xkj9ErGxrYAEuBr37V4i26vZxKKuIlu3CzCGYPKa8pfDO3mHfEA3fQxkONBgTNdEmOWLCf1VKsr_Wohf9KIEx2yl0uZ0VgvDNTD1bD8BC0oUY9WOgGGzBazKQ0-fc7h0lI9Hm1U73NI56999XvArgo2Kp5m0dEfj3DWGn1O_sjAfR89k1rhgsW6aBcN5h1_5NnA6vCro_-GU2gnphqVV3bNiVVn1z4dYqnRd-wY8KP-mRkOl4pACe6gjp9aZpPBFgzEPVttx37Xp5A194oZEk1vD59IOWiRMlJEmIOxiSanQ2mWZX5bfzgqK4UOeXhT3CrWNwNeKBz8hN62B7nw4LWbbqT6WHZzJUkC3dRMbPqGWJ4_VIqSG2Rd7NAINxs7Jc5P-FPfqr9voAu3PyjZoX4TiXxTMNfXGcueBMT13KA83LSBdytxRsSrYHuUU4Ef2G94A6h8PIt3_r7BMVZ1Pgq0FlWlq6bzvwp4IwnKZXT8K0wn7Kc0cAZkvrgLHG-e8FWZX38ZapKsS4R_jvgN4buLVF71kC2rqBABbdHCx13VfCW6ArRcRUtPhUdqJ1mO5Ra8N_-Es_62FCXqYNlkrjpo8jCnC8cGnXwcTMghYZkXSBE7_5_8oJ6YylfU74Zo2az95I36jvz9CxRfUfzaoKtpzjkXiB36czMqjS8uHyQAdXAFQ7hQDeMb1SBzXMhcF4SVDo8JG8Tgt8NV3crcN4pzhikEiQeSgj5T2HlO_NAuhgaFZymJz6Kzbu9BckYUa440b2WECwLtwIS7VUvJdt29BptEEiPW_-Sark3P8qXSU-Xiz3EqHf0uXggRdoEqclZwSTSGv63akAnl48qCAQwDQqeYeWPxT7mE5By6EwMZS4gB6sfxTjOwv6L6bV1RnkZGwDvpbZZUtyTznACjTjF2arvEPz074746AlV47snnOmDYVyajHRyH1fis1_L0VuhVCzTWHNT2qcWFfUYNzMaPU3pA8WUnaVGLORkCRRWzdttBmcbDaa9LucGzSIT3SxciJBy2-j5vSs-wfo20MNwXLZLOPz897h9eRDHnOCnmO68GJOWHobBYqs6G9S0Ctxx1e4a7aHfkzC5ZI63ea-yXOvVUPNOHDgn_LpBj80hkSRPapMJ3bLfWpiXxopJGKYgcBbO7yxW1NwF3jxvUetyktb37UefDmdv4Zvc_-g&sai=AMfl-YQEUlj7_kONJ5ZfpqbUYAxRohaybydVdooa4IiDR1dZqT3QtMgL-wT_1DNkvVYj0ZS1HefSDlt_urvhrSwldwOMHGD3y7yGtA0V-8m59CrZ8IewPfpA5GOvAdmh01e9qPnto0jsl6DUYobpOFgbXyG8pt6S7ObwNb_Z6hrfyNgQGN5JTeYMZjKirYq15NdUQMSXIEfthWCljcMoh2rN4vFKAHnkZvBlmv3O4vJCvpxGkaNu5Atj-Ctib6M-4uW7W8N_mBYCVQgwI1HRQeVMogzJpxbPmNyX0MZUV-L8lB3g1GdzrkS9-X1HQovttld79SS1vIUYJu4ROcZrKxYaGWUISMjRlP_mkWcb436Pk93p_JzPqo-gLpkOZi4jF74fUN4nmgU5M1baiPl7VeOKK1f6OUy-&sig=Cg0ArKJSzK0hvHMxznzsEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=209&cisv=r20231106.73254&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EB4B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1&google_push=AXcoOmR_wOcDp65u17D8SUlQ2H4kVTN7ivvYtb-7j5ddWivdfxUolL9lvAe7gcXoPGYuHVqaKM0tR6BJWorWmaYy2uwg9vrJ9uwwRc0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4MTA1MDEwODc1OTM4MDAxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEANiMu2-sVD2MxE7Qvx6feA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame EB4B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2Dc...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2...
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H2
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
825075eafca37457-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3465
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPknlWAZB_ZcL1rfmab68aw&google_cver=1&google_push=AXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt35HV0YOeqoYnK-2AmJFakcmdLdyXUr0_DgfP0nf1uFmyU8dzPZU9ZOukIgkMm4yyubZqcuqQf3V0ur89hbfdgv0Mji2DcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
825075e97b347457-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB4B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZFSjl3QURScnlRWWdBVQ==&google_gid=CAESEI-wKUJPbXYijVHPP37H0JY&google_cver=1&google_push=AXcoOmTCqsO1EdzCvAPVi1oCL2akGZRVdn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZFSjl3QURScnlRWWdBVQ==&google_gid=CAESEI-wKUJPbXYijVHPP37H0JY&google_cver=1&google_push=AXcoOmTCqsO1EdzCvAPVi1oCL2akGZRVdnTlelYH-8CDZQjM3Mj8en2F9q-KA9q-a4-jRbiAfQQTDcdUkxLamkVwGPPlmaS_JmtTDaY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-man4145-MAN
pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1699809783.246093,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZFSjl3QURScnlRWWdBVQ==&google_gid=CAESEI-wKUJPbXYijVHPP37H0JY&google_cver=1&google_push=AXcoOmTCqsO1EdzCvAPVi1oCL2akGZRVdnTlelYH-8CDZQjM3Mj8en2F9q-KA9q-a4-jRbiAfQQTDcdUkxLamkVwGPPlmaS_JmtTDaY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame EB4B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHTqtlkvOWPTvghXY2k2sTM&google_cver=1&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI8K1pAYhydeDt3BFw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42BFC68BC0A9498F9B0D1825E3CCE57B&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42BFC68BC0A9498F9B0D1825E3CCE57B&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI8K1pAYhydeDt3BFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42BFC68BC0A9498F9B0D1825E3CCE57B&google_push=AXcoOmQAqVO9TbYIV-MKnYy4o6HLVMjpfstkIR3ibPySuFyi4ry0p2FxOxHwvNdQ5KFqNPT84eC90xF5h9u-DSI8K1pAYhydeDt3BFw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 11 Nov 2023 17:23:03 GMT
google
match.adsrvr.org/track/cmf/ Frame EB4B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFOS_9VwTZV0R9FdT_Q-rGA&google_cver=1&google_push=AXcoOmT7epCpMFsypKjefgjrewYuQbkHL0xqXgDYoK8Vj21k98bZrLiP0PJ7slvLegT_JCBgbmj7kxVIZeVbTZMwXCZPm1uKWIH26Zg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame EB4B 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS6_5PHX_-rTfBwczRRuziMkHjbfGEFo4Z28EP16B404EIg8a_ALt8K-g_jaiujLiOk9gkyCTDBTSJ166Cit7SBBAv8zXgWlm4&google_gid=CAESEJ6czh2KEzjMGIr-CWD5PL4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
326603
expires
Sun, 12 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB4B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELiyymXJUsi7hkUFsvOd-NA&google_cver=1&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx8...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx89D0OAxXG-zJ_qybf6oY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx89D0OAxXG-zJ_qybf6oY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTDwhVojX5MSM5AxoiJA4DOxXIeXG8U6G8QSXF9-C8cYd1wbsK2b6hYLan_FXLEqu2BzaH0By81lAx89D0OAxXG-zJ_qybf6oY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame EB4B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Zo-Vct2tSkv6s4sZ--yLw4AOtkTpke5w4j_p7p3Mq3PUigVsKq-JJtQXNL_j78zmh4mj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=600&adk=3009225660&adf=3402980104&pi=t.aa~a.4263631882~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=280x600&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280&nras=3&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 19B1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfe9c21c59176a9f692d94b43d38dfce36091fd53da0ea68f4244d54cd3e05c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame A21F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lovquuln&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5B8C 		10 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700&cb=1693553901
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2099ed9fd0d035b21bfb21ce40406581b80827f6b783b8692272a84dd647b85f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 17:13:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:03 GMT
css
fonts.googleapis.com/ Frame 5B8C 		10 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1693553901
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7eb9062180fa69fedb8b35848f99e9a7d90e8666719f7294b19673dafdc275e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Nov 2023 17:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Nov 2023 17:15:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Nov 2023 17:23:03 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6C67 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6356 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
verify.js
rtb0.doubleverify.com/ Frame A067 		680 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_368076327763&jsTagObjCallback=__tagObject_callback_368076327763&num=6&ctx=22233753&cmp=30764846&plc=378851769&sid=6848107&advid=&adsrv=&unit=336x280&isdvvid=&uid=368076327763&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=116&bridua=3&dup=null&chro=1&hist=2&winh=280&winw=820&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTau6%3EA%3D%40J66%3D%408%3A%3FA%40CE2%3DD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau6%3EA%3D%40J66%3D%408%3A%3FA%40CE2%3DD%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=5.70&callbackName=__verify_callback_368076327763
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d63bc89e40b4d59b309802e263af951d8149cc40bc45741ac06636f82589c5c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:23:03 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/11/2023 17:23:03
11e9062abda3df259f50b4f3409d8a83.jpg
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/11e9062abda3df259f50b4f3409d8a83.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36218f42a8cdf80af1ee54a7993cc3efd72a0e8e6953e4a72ba15e17baec9fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 08 Nov 2023 11:57:40 GMT
x-content-type-options
nosniff
age
365123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49440
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 11:57:40 GMT
9f6596a57897e97d3b68116c37a46016.png
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/9f6596a57897e97d3b68116c37a46016.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed08a8c628a233937d08123ded989ebb25e93b1453d807f833f11f0d88ea111b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 06:48:31 GMT
x-content-type-options
nosniff
age
210872
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13089
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 06:48:31 GMT
8a2b4e43977508fa197840d7fea56dad.png
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/8a2b4e43977508fa197840d7fea56dad.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef0a8154545152706f731b9264995110cfff95d06f4b18e87714b404a9b453f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 05:13:33 GMT
x-content-type-options
nosniff
age
216570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120335
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 05:13:33 GMT
f87a61b26e22cc9c634ab1933072aab3.svg
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		2 KB
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/f87a61b26e22cc9c634ab1933072aab3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7806e25ab43b0091006bcaf91798a983ba12050380a4954c41ef87a92b7753e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 08 Nov 2023 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 11:57:40 GMT
2f94c20976e5773b86e043ed1c662587.svg
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/2f94c20976e5773b86e043ed1c662587.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed39580de7ed847757d5f722885d7b9ab21ca4c393074c8b62c1719991ffa45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 08 Nov 2023 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1022
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 11:57:40 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1151 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
320461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
file.mp4
r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 72A9 		834 KB
834 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/034CD48C639B64803666B208F97CD39AF9902C64.762B46C76E6C4479F7404E84F476B797CB97DAFF/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809637/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:34::6 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
733b2a2837f6831d00fdd9091eed0004767e49faec87e0d1872271eb932fcb9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range
bytes=0-

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-854384/854385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
854385
last-modified
Fri, 11 Aug 2023 14:00:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame 72A9 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lovquutl&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fsvastx.moatads.com%252Fpepsicoessadcmvideo633239199003%252FUK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml%253FapiFrameworks%253D7%2526gdpr%253D%2526gdpr_consent%253D%2526&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A21F 		834 KB
834 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrn7d.c.2mdn.net/videoplayback/id/81abd509353c0ce1/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3836210489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/22608D61CDDEF25F03735E409610684022E6E2D7.29D8F01165B12FB4982E32CDD0F91BC1D549EC23/key/cms1/cms_redirect/yes/mh/KO/mip/2001:ac8:21:e::14/mm/42/mn/sn-aigzrn7d/ms/onc/mt/1699809411/mv/m/mvi/1/pl/48/file/file.mp4
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:34::6 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
733b2a2837f6831d00fdd9091eed0004767e49faec87e0d1872271eb932fcb9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range
bytes=0-

Response headers

expires
Sun, 12 Nov 2023 17:23:03 GMT
date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-854384/854385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
854385
last-modified
Fri, 11 Aug 2023 14:00:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
csi
csi.gstatic.com/ Frame A21F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lovquuxz&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fsvastx.moatads.com%252Fpepsicoessadcmvideo633239199003%252FUK_PepsiMax_SummerTaste_BasePlan_Q3_2023_M411621690-373317506.xml%253FapiFrameworks%253D%255BAPIFRAMEWORKS%255D%2526gdpr%253D%2526gdpr_consent%253D%2526&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements4884.js
cdn.doubleverify.com/ Frame F71C 		421 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4884.js
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d7cbb16c11db9f2d7ef179daf620425dd028396d23bc54957d80926b8ab08905

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sun, 12 Nov 2023 17:23:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 09:54:02 GMT
Server
UploadServer
ETag
"73822042d6be41f2cdb97755b16d9106"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101294
Expires
Mon, 11 Nov 2024 17:23:03 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 423E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D45B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
11e9062abda3df259f50b4f3409d8a83.jpg
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/11e9062abda3df259f50b4f3409d8a83.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36218f42a8cdf80af1ee54a7993cc3efd72a0e8e6953e4a72ba15e17baec9fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 09:39:13 GMT
x-content-type-options
nosniff
age
200630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49440
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 09:39:13 GMT
b8a762c68393dfd5961b287911f8b1d5.png
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/b8a762c68393dfd5961b287911f8b1d5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43541b392c10da0cab8d5052273bedf1d06d3222344838146c4721a727a1f9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 04:58:01 GMT
x-content-type-options
nosniff
age
217502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8027
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 04:58:01 GMT
8a2b4e43977508fa197840d7fea56dad.png
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/8a2b4e43977508fa197840d7fea56dad.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef0a8154545152706f731b9264995110cfff95d06f4b18e87714b404a9b453f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 00:08:59 GMT
x-content-type-options
nosniff
age
321244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120335
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 00:08:59 GMT
30b8578621fde6823aa6d1fa8f8a425e.svg
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/30b8578621fde6823aa6d1fa8f8a425e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7962eec21572c5424221fa39990ce0bdb8f0a0dc844d296753edf21b7f31ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1556
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 12:04:18 GMT
683f58cc20fd1f3884339a5d414b2170.svg
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		2 KB
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/683f58cc20fd1f3884339a5d414b2170.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f47a34b015d1426116bca27758e1c6023111ae030224b7848a701bcfc4e930fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
971
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 12:04:18 GMT
2f94c20976e5773b86e043ed1c662587.svg
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/2f94c20976e5773b86e043ed1c662587.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed39580de7ed847757d5f722885d7b9ab21ca4c393074c8b62c1719991ffa45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1022
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 12:04:18 GMT
imagespaerbs4wiywfh1fv1gkb.png
s0.2mdn.net/sadbundle/5652536573653377701/ Frame 5B8C 		653 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5652536573653377701/imagespaerbs4wiywfh1fv1gkb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4eaf827f727b343b1f0231d654fa69162b98bb479e34fbc8fb0acbf8333129d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 08:45:57 GMT
x-content-type-options
nosniff
age
203826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 12:47:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 08:45:57 GMT
24dffcd0788a26dbd800cf9f117387d9.png
s0.2mdn.net/sadbundle/5652536573653377701/ Frame 5B8C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5652536573653377701/24dffcd0788a26dbd800cf9f117387d9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45251d9898b156c5358d5f140631f0a905d0bccda559f1c8a903ec8415653cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 08:45:57 GMT
x-content-type-options
nosniff
age
203826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12863
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 12:47:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 08:45:57 GMT
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 5B8C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700&cb=1693553901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e02b48b88352a0c0f5c14ae6cb7949cfa9bffd9743bf53f6ab8fd10459d91179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 07 Nov 2023 21:22:23 GMT
x-content-type-options
nosniff
age
417640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28516
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:28:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 21:22:23 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v32/ Frame 5B8C 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1693553901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb068a653639dcb56965adaba3ab222cbe12841ede3b9adbcf66d98d5883847c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 09 Nov 2023 21:13:29 GMT
x-content-type-options
nosniff
age
245374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14048
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:13:29 GMT
a39862bfa36537a1c4dcf8b919f9bb89.svg
s0.2mdn.net/sadbundle/5198436223828957249/media/ Frame C2C2 		2 KB
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5198436223828957249/media/a39862bfa36537a1c4dcf8b919f9bb89.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee926bad896113a52f4e3569a62edbc25151de83552e3cf90d51fb5b13de95f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5198436223828957249/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 08 Nov 2023 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
725
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:29:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 11:57:40 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6C67 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1151 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame A067 		0
308 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=15de0611d65243e1bc9c4c80cdc4f309&vfdur=271&cbust=1699809783773352
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal123.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Sun, 12 Nov 2023 17:23:03 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-11T17:23:03
DV_GlobalPassback_Update_336x280.jpg
cdn.pathtosuccess.global/ Frame A067 		94 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_336x280.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:2600:19:8ca6:3640:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 11 Nov 2023 23:51:32 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Wed, 17 May 2023 17:51:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
63093
x-amz-server-side-encryption
AES256
etag
"8824fffbd8d96f189034cba860a61627"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
139629
x-amz-cf-id
5x3MLi6YvVn77qo2IALJaP-4dkmM54tfcOjCkVCn7PO6mJjHa8p-Rg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F46D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

age
71170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 12 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A067 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8015708c6edc59c89075ae7b2ff81442960b9db69d22f0591fe46377926826be

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 1315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3WxiXr2QSyjoy6UDyPvWYEWMTTB7mN28bLkoFJdO5gVarzWXF6T0slB4C61pSK_ZwNKUzD3eLSuFQSvqV86U8mXYtuOZ7ks54XQ-qOcEurMg5MJi2Ykta34Ok3hn2d-S5dntP92mttk24MyHsZBryv-ClPS3-EAcG4QT6TjbpZBJffEOpZARovQK9XNiSggT5b9r2TRp_ihIPGOiifc6WwN7jyAZljgOlhOFryXrMycZQ0NlA6aTQCKptusBwKlbd6X4ujZ7L_RCPXwSlASWTlRt_pqY_NqnYycEs297EjQ38ZTt4WhChSMPMxTnbrTcucALGrYx8hN5vSWmKDt3JgZaGhSJv8j3sYDJF33yneNglYX_5emL7HspC88tGJyGTBjKiXx4fIuH9GzUPnt7R1OAebhq1mbPVtGyTnlGSBIqIZwOaVRhU_GlXYPntfiYVdyDME_-xkf254uzFGfB1IjF9L3-E1w1x2p9is3rZdNTCwGa3lCo-wZku9IxAsEGupoqbbiROvc1fpx9iyIERS8TDEFsa66LuE7gOYB0FuU7AQWPMBnA1wtdlJTMSo7ZobZXU3DQVic0FXRMLUGPpb5hYVB3R5Ow5WW8p1IY8Z_YwLO1agcwUqHf0fOMLNOVTHSYKNqlOT9NdwbYtFZfPi956aeYxwYfjh_kfXl9d3CaOetkaIRdSNo928fNEzvJcqbM7Ss50OrJs8XpnS6x4RdaPOCR7fbcF7HSHPqoPKnkhIWTdUoBzETteMHVX3s0-vFZMtgBMR_be54shbu2dHyAv7NlB0LiMgKKSlRS-SqXGGLzg4oD57xpGuEi0xVFv1D99aqjteMecSKTv6T-L2K2bp-RBV-PZ3OLr-a7C-b-eULRexaOEfpfBAyfQdeZcFvyFepN-helOw5YedNLS6Xo7AxWbjNQ_cBQyKepPvlil7REDwf7zht6fWW_7qZ3iMNvfsk0KsrNJNMxWh1UuXcwrTAWY9XfyFiIO_T9S91lV7FAr8nwWWdPg2gF0ldohE9oRl8ExNrf9ObuQ1dKedZA91XE31C4O2uq7I50Y-TnUrjEMKk9Ck5Yh_GK8467w9V-UPHUZ-3Yv1VZL5f2Zx2x3JsFga4O7nLKt3kNGexboXOogWIxTtiS-Ik5VdTQK0na_wwF7tjitRDs00LSrB8j3IPjHqjlklAW4gkcR2aUNauKqWV4fSY_NVhaPXR1atDmWvOT2khVjjBqMcWrXyBHyAGmvwHBk88HwIt-NyJ4WUt_SBXzmfhcbq8pWyhBu3tl1L6-bIqsdIJsk2NSFebsmT3ZwCneC0I_NtZkDd662XAHYnRtkV8guOYoEHkf2vdOn2_KQaI-vP6f5ifQINyQZXTOeeNDqnrGCY_8-GHmyACezUC7an6j3OqwHrtl6X9I8igxcDXGa2vPaDXTh19268ZbJPGC8zxAzDaBNsJk-knnl4-5g3LL-tPRoJ9z1uQ&sai=AMfl-YSe2RFYx4gtRXI7tttvp6wO1-kn5owvePBOKrXBXpSzXnh1Hn9e1SPJ7TU8ZC9TtgQx7JuQR5VoCPevJXG3wSy0zFbTYfC3i6KtoPd_r5TYHJ-7JZomehghOeuop-eVawTfxTiG2X6bbT0FQ0G58eE2wjkl_1v5VFsmqNekvUxP5W4qRu6cyYsrxDfdnrNBBTtcy6iaR3FfUHiSlnmSQcgaz2WZGeLwJhuoUmkzFqO6AnsigW5dvI7Z9qU9KAgB08oI2wW0BMG0w7JuiAUv2HIT8W6vI9v8coJP-up2VGsdEXRXL2PgX2JecafiCrm-IP0wG2iUPeH_9z1VK17JheY7cwyDVKMOgIcEeWl1KFXjSAaz9kvD9inWE1SbahanGlkEuyQn3vmRSkovdVUJpFvA&sig=Cg0ArKJSzEhliG3tqCofEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1236&vt=11&dtpt=807&dett=3&cstd=426&cisv=r20231106.84256&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame F71C 		694 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=325&ttfrms=23&brid=3&brver=116.0.5845.114&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6%3EA%3D%40J66%3D%408%3A%3FA%40CE2%3DD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau6%3EA%3D%40J66%3D%408%3A%3FA%40CE2%3DD%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=225&ddur=95&uid=1699809783868440&jsCallback=dvCallback_1699809783868135&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Linux%3B%20Android%2010%3B%20SM-A205U)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.114%20Mobile%20Safari%2F537.36.&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4884&tgjsver=4884&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9340358673009042%26output%3Dhtml%26h%3D600%26adk%3D3009225660%26adf%3D3402980104%26pi%3Dt.aa~a.4263631882~rp.3%26w%3D280%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699598363%26rafmt%3D1%26to%3Dqs%26pwprc%3D8720699785%26format%3D280x600%26url%3Dhttps%253A%252F%252Femployeeloginportals.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699809781617%26bpp%3D1%26bdt%3D2757%26idt%3D-M%26shv%3Dr20231108%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C820x280%252C820x280%26nras%3D3%26correlator%3D7978397381970%26frm%3D20%26pv%3D1%26ga_vid%3D2750680.1699809780%26ga_sid%3D1699809780%26ga_hid%3D573924306%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1080%26ady%3D1395%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078020%252C31079438%252C44807460%252C31078301%252C31079382%252C31079588%252C44807764%252C44808148%26oid%3D2%26pvsid%3D2326258049932949%26tmod%3D1883670684%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D15&fcifrms=11&brh=2&dvp_epl=288&noc=4&nav_pltfrm=Linux%20x86_64&ctx=18042488&cmp=30563893&sid=4985444&plc=376401224&crt=199456244&btreg=567430266&btadsrv=doubleclick&adsrv=1&advid=8657649&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=536535991787.9319&ee_dp_sukv=536535991787.9319&dvp_tukv=349182821955.21906&ee_dp_tukv=349182821955.21906&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1036453763092&jurtd=314437457
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4884.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:23:04 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/11/2023 17:23:04
a39862bfa36537a1c4dcf8b919f9bb89.svg
s0.2mdn.net/sadbundle/15708326562664437723/media/ Frame 850C 		2 KB
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15708326562664437723/media/a39862bfa36537a1c4dcf8b919f9bb89.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee926bad896113a52f4e3569a62edbc25151de83552e3cf90d51fb5b13de95f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15708326562664437723/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 10 Nov 2023 06:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
725
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 11:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 06:47:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 19B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss605bWXR3BZ-NYWURYXF7D_VCW4zFBgqEHXxBpGWFp386FOtgVV2AyS7BtEJnzVoit6I3_cE_pJrCXIaR3iZBkQAHmg4AJWBH4qcZPvzj3nnpryl-KK8ioDz05Z5kMGv0ocp_916ArT07mazoL4TYYL-Eomf6EyLrkHIuKnt7Ce7_jjDHf-LqEoJJ0Zg7u2UmtHWvnEqGRU5EZsokgYf71-Ws-7JEbC4fWW2PL7JQBCv97JARPE_jJDTMpzRDYr76scweLhlLl7Xkj9ErGxrYAEuBr37V4i26vZxKKuIlu3CzCGYPKa8pfDO3mHfEA3fQxkONBgTNdEmOWLCf1VKsr_Wohf9KIEx2yl0uZ0VgvDNTD1bD8BC0oUY9WOgGGzBazKQ0-fc7h0lI9Hm1U73NI56999XvArgo2Kp5m0dEfj3DWGn1O_sjAfR89k1rhgsW6aBcN5h1_5NnA6vCro_-GU2gnphqVV3bNiVVn1z4dYqnRd-wY8KP-mRkOl4pACe6gjp9aZpPBFgzEPVttx37Xp5A194oZEk1vD59IOWiRMlJEmIOxiSanQ2mWZX5bfzgqK4UOeXhT3CrWNwNeKBz8hN62B7nw4LWbbqT6WHZzJUkC3dRMbPqGWJ4_VIqSG2Rd7NAINxs7Jc5P-FPfqr9voAu3PyjZoX4TiXxTMNfXGcueBMT13KA83LSBdytxRsSrYHuUU4Ef2G94A6h8PIt3_r7BMVZ1Pgq0FlWlq6bzvwp4IwnKZXT8K0wn7Kc0cAZkvrgLHG-e8FWZX38ZapKsS4R_jvgN4buLVF71kC2rqBABbdHCx13VfCW6ArRcRUtPhUdqJ1mO5Ra8N_-Es_62FCXqYNlkrjpo8jCnC8cGnXwcTMghYZkXSBE7_5_8oJ6YylfU74Zo2az95I36jvz9CxRfUfzaoKtpzjkXiB36czMqjS8uHyQAdXAFQ7hQDeMb1SBzXMhcF4SVDo8JG8Tgt8NV3crcN4pzhikEiQeSgj5T2HlO_NAuhgaFZymJz6Kzbu9BckYUa440b2WECwLtwIS7VUvJdt29BptEEiPW_-Sark3P8qXSU-Xiz3EqHf0uXggRdoEqclZwSTSGv63akAnl48qCAQwDQqeYeWPxT7mE5By6EwMZS4gB6sfxTjOwv6L6bV1RnkZGwDvpbZZUtyTznACjTjF2arvEPz074746AlV47snnOmDYVyajHRyH1fis1_L0VuhVCzTWHNT2qcWFfUYNzMaPU3pA8WUnaVGLORkCRRWzdttBmcbDaa9LucGzSIT3SxciJBy2-j5vSs-wfo20MNwXLZLOPz897h9eRDHnOCnmO68GJOWHobBYqs6G9S0Ctxx1e4a7aHfkzC5ZI63ea-yXOvVUPNOHDgn_LpBj80hkSRPapMJ3bLfWpiXxopJGKYgcBbO7yxW1NwF3jxvUetyktb37UefDmdv4Zvc_-g&sai=AMfl-YQEUlj7_kONJ5ZfpqbUYAxRohaybydVdooa4IiDR1dZqT3QtMgL-wT_1DNkvVYj0ZS1HefSDlt_urvhrSwldwOMHGD3y7yGtA0V-8m59CrZ8IewPfpA5GOvAdmh01e9qPnto0jsl6DUYobpOFgbXyG8pt6S7ObwNb_Z6hrfyNgQGN5JTeYMZjKirYq15NdUQMSXIEfthWCljcMoh2rN4vFKAHnkZvBlmv3O4vJCvpxGkaNu5Atj-Ctib6M-4uW7W8N_mBYCVQgwI1HRQeVMogzJpxbPmNyX0MZUV-L8lB3g1GdzrkS9-X1HQovttld79SS1vIUYJu4ROcZrKxYaGWUISMjRlP_mkWcb436Pk93p_JzPqo-gLpkOZi4jF74fUN4nmgU5M1baiPl7VeOKK1f6OUy-&sig=Cg0ArKJSzK0hvHMxznzsEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=926&vt=11&dtpt=715&dett=3&cstd=209&cisv=r20231106.73254&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CE7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspQcp4ThFqFQnM7CWjKUiFEPoQUOxAl1JqAk4Ffjl_UX_2tn69-Ves5x4T6EY8cUpMreoym9W0p-Bn-yPSj67_mEIAdhjbp_B5wkGurgk8Mqijp_gsp1lIUHbt5b1pwzk81Z0Ys_oeu_hmJ9jyQE_Wn3BL9vOQ6vJAvwMuumsHdEKqkTqIeISEjQP-pBxMeW9v-8NrWmE534KUKmlKUnKTb41PfUGcLj7qDU_iavKByS0SztJBbvMWD7QvGB_0swDdmUNKraoUGoehydw4o1SU16oXB3-14PzAzXYMp-qGck0YtnImR2IOkT5e4psFAFCuZ9n1F9WUPzSFzU1LVhyB7WMTYl4V3uCiY6MogPWNaVRyr1exmfwWEDIiMK-RMtoPqsecn0w8TT7cTiDrxdf7x6vFk_5wDdktk9RnNAu7yGJjUojjfxuMV1L_v7Iwe8r2_FjKn9WhvLntXWtEQ6SHjumiCewnATTU6U48xkn3K5C9MCuaN1vgoQjK_fgjBtnxqjULagIflT7aZKJJTagBmKea1hlLjqI_w07NfjMjF7uNCu2QcwfbOaCTN8ZqscXn3qjHzfEytdgDhEQcZBFwMfDEUltu-SS95YNnHxCqDrX4yemGP6ywp5SKAQJZ9pqpghkPL69jyezKeg7yCGa5K55Y3bkXFvmSJ6qYHkoOmjfW0B-WGtE7BHR5Pt8dc991nUmqEbWZecu6PH2t6ohkusnY7tj6n5fYtmVvX8i10r61e_QeAmVY4dIvwk56Kkobm4FjeRvn7-rfXc7mN6_CW8zUXV2DweG5HhtGxHLuGJWswRZ-9ABynS0DIosuCvDE8ZevvUGG-A4zRGJaZpUhhkAjrq6hE-Tk4w83zIuFY0edFRuyniunSglbjBpnQSZR9Nn-ZC80JSj0qsDwkPgEFuiL10q8OYcXzR2Zqez7PINUVIRdyQHa8nV4PQoeoiqjMXcbFlHDe78Q-dPC1b4lA7Tc50UcNvhgOgyubXwEkVwtB5FnD_HorQPdK42kms3Xm9pleuBUF7IxPB9H04f_JsamH2kd0cBEDwwg4teaEw9PwBsrub18BiFfynuPNsreiLy0KyL5QsXUN8wGhAVe3B4f_MpCSQtMCQqAcxtv0S_YLPaQg8Uedimth8eCwMYNzp9oXICI8UG7KAHIU2gZbPWFhkLGfgd_mZNLefjn5QdgwNZNdRQfh8B-dA5KIHm46ydoIm9PpUsjWCdagTaFY2VkGAZCSl3oVFZWSvTTEktS93tY1f8Z7uIpnmcxvPCL19_xWSHbPS9oNog_YLadiatXfa-jZlY5IGD7N8t5Is6Topt-ozlypAL4DHjpP_ZPtIUKXeW1k7OCpCzyx3QoJ8hd4OjK96y3r-DBKRKjKRIHxGfbFiyfzIX2VNgnK80sk-sssL0FyxCivy0SLvuAN7qzOcyTWn9GMraTZuNDntMAs4TpkrV5IvhUwwoKWOwbXu4cSbA&sai=AMfl-YSyfnM4VFXfEIzcUvMQMmPfEb9K8dqSypLbK3WUBtjebQ5_kpZjkj4UiT4UEQctcbv2koidqt9uDQz05X9GIcLeEAGQWZoefMER7JNx-ujrW8CVdryZuouVHp92enLkNjyZKNAPx2-k9JEpJFxW6qhQS8JR8R6h_ZODzwFBa4NvTEyqa1bEMWG214QtlSz-5OaoS26iSqSFlzNAZLo_2FPSCuVQ6g5IjlaZbFyuI6km5YWZC7bvNcm6rI88JxW7H3l5QDgAO5mX98_kvjvl4wbebZKrfb8Sg8W1nX-FRMCIxd7T11xtYy5jryTWkJpmagT8bNdFAkbHUVjRDu_zVi6yLAypMouBm3RQMVDKu_wt_p5sb-w8XddLBNqZCoaNGu7-2I3ANQLKOsYU_Ne3wfwO&sig=Cg0ArKJSzBBdGMjMomw6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1323&vt=11&dtpt=968&dett=3&cstd=352&cisv=r20231106.28036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dc_oe=ChMI1aWj8vy-ggMVjqD9Bx3MkAW7EAAYACD8yNRd;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame A21F 		0
0
dc_oe=ChMIgOj38fy-ggMV5OTeCh2hFg8jEAAYACDa0eddOhoIrZXangMQqeCwiMAEGK651OMDIIr3iL2GEkITCImThfH8voIDFURMwgUdxHMHLQ;dc_rmcid=CAQSTgDICaaNrSZpZ7ao_m-XGU3cuyNHFnuji1GmhqHLxhqNXi4HrL2xOH2tsRDX5zFYn_S9O5K...
ade.googlesyndication.com/ddm/activity/ Frame A21F 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cukg99AlRZYnJB8SYid4PxOed6ALu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoElQJP0FbB-PwM780MeoQGcfJ6Cga4jPHgC6B5YB1uRfOB1hDNEasJRP7nauLkP0x-qxvPX9nrfM8ojouqsGZPkTnRJsA75coja15DS-68alQbag7SJ6TXcYiVDiUUyWKugrWGePXXFjSt-q5pCm5FiHJleyyK1-5BXDHnoyvnohzHg7B7BfTIsvJbAIdpn7hwNSqKlL8PW6MD57e8UvuWGnszqO7tb2C38CG4lt1P_tZWPmaIhvgbH2Ar8TreThn3b6BFbqsacRGHrvxUKxq-ynWRxYBv4Kjxfp2nnvUvuYfUCrXnQG_lOZJbdvlgn_1hnPO7qrkm0Hw3PtZf8Ob4OW7bJW6siKHH9Y2EbK4KySreQOOr2o-NwASp4LCIwATgBAOIBfahwr1MkAYBoAZ52AYCgAf1mKCcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCNmUqASwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwUKhIKEOS0sQLutbEC5LSxAu61sQKqDQJHQrATuKCtFcgTrrnU4wPYEwqCFBoaGGVtcGxveWVlbG9naW5wb3J0YWxzLmNvbYgUAtgUAdAVAfgWAYAXAegXBQ&sigh=C8oESV6p2V4&label=part2viewed&ad_mt=142&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784129
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A21F 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss582BOFxX73BhjL-E5JeCwX8BT5VCf_wkCcoOV6GMn6iHMEfoaBy4Cvq_s23Y0gj8Fq7UxRSEiQeXNZVQ3-2n5HHeERQ7KosBwbPKMKqRqTzoEH_dmXNfVPmZ75KYeiaWtbyZ_b2PWfL-AcryBHGOVP8jt9wwFsVYaHug8iesrFTLVuS7SDmoa7Q&sai=AMfl-YSkFgO1gfxLCo1Z47Z3FdV-gCiWrmgXX6rVfb3-iNoRhF68Qx-laZTp3HxR6PEBb0jmiXycjgmjPt2ktPnHkW-jK22bl_Uwz0wEfQ&sig=Cg0ArKJSzDH662zM-1bFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
r
on-device.com/ Frame A21F 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on-device.com/r?campaignPk=9icck4na&dspPk=vs2b4tce
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.149.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
Wed, 1 Jan 1992 00:00:00 UTC
pixel.gif
obo.moatads.com/ Frame A21F 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obo.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&f=1&gh=0&hc=0&i=OBO_VAST_WRAPPER1&t=1699809782&de=234293265&vz=234293265&d=30217569%3ADBM%20TP%20-%20668871754%20-%20TRA%20-%20DV360%20888189431-Pepsico_UK_PepsiMax_Inhouse%20%28HFSS%20Restricted%29%3A373317506%3Avast&bo=undefined&bd=undefined&bp=&apif=%5bAPIFRAMEWORKS%5d&zMoatOrigIKey=VID_PEPSICO_ESSA_DCM_VIDEO1&zMoatGSR=1&zMoatADV=10873605&obo=1&rai=ROKU_ADS_APP_ID&oa=[STOREID]&yd=-1&zp=21&app=-1&gu=-1&id=0&ii=11&cdom=-1&uai=-1&inst=-1&psz=-1&pst=-1&cs=0
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 12 Nov 2023 17:23:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A21F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulFylhcxdLF5-RBmbdVmLjX-W5R4m18-uryK2Pkz2MMTEXQOpB5ziyaCEQ1aPNq2_5sDhCcdti-sMaK6MUG-l2XUU2aiz5jvhKh-svv1tB8gxlBmVVY4lWP3_nejsAph9kyv-F8Ml1S2-8Ihn0hfk-obPZzVakvX79ssfQ0-Gu8Sum6KwloI_s6833jh4MJo_6jtJYsd4QtYpXi2yT8sljayMx0M4HQMWPkDY0SM-5nW_5R2d6qqbQA3Vx6u7o9E_N0-G4sxsmre_2aijEYQg7_t4Iz9ahauSvhtZBLV0YHdwLwy5NmmeylT9NZKMWm91W9SQKyoOgleA-C7VpD5PW7KOWR07hC_Tb09T5wSfcD0jjJNlZKPFGTMugP7wz1uL9KguVRyDLThF-JQKfn8pB6Fix5KSAabgq7OB3QyxduFBTa31NtO7NTEo9GZc_Zu8IVpeIcPrIZpda6JFLhN5YD0Tj4T3t0HsUrHUMiLMH9fES33pij4N4wSFsn9ZXXKCvxNajfO49sCyZGzSFrANZR-OulHKoYzZYeKl6nFPB4wLF22-7SjGDncJ2t3EhwVefx9-AR92efQheXWDckwi1prImrfmySnks5ynNXElvwwdiifrVust5VZHTRMKI3tIS7E5KN5bIoZQhmb1NeppTfKO95IpFLFs8EhULIFWPKt_xwPgajjtaA553ItEmRPgXxNQjidlJLiZSnXU2RjYZ5wJds5nwhLoAYmZYb-1Iq2WpdU0x5Fm5HylKDT3TVfbEqWwEWFPdW2v5c9YZgRlYZ6JVzvId6iO_sYwqxVJKAgBtDpAtLsqu54gjTXT-PqILsqPe1FtNs82IiPo0ErGZhpFhnYZzYLI28Bxfu2WTaQbq4dXVcCeQxaBszXiYzYqrLh3TETFjLhbdO_hYGpDvocTdgDrrjxdP9AeUQ9bGX-5emzVFOwNrFX1M5gwhMTLZu0NTe2Q2ral2ssAuF2Wdf96Vkem2SQQzPvXPNUNPUM-jBVYl9s6cBIaKMZmMyeEcLdEjD4v6EqoxqdEulgKtvZhwTG_fJVsoaIPovernt1EPOgvOYtJpDMe8gSbB7QD6DEJLxxVt-OljHZf8lfP4l4tKj23asHT8m00lTaD7VP--M9EJCAVFnO4i3DR9F7fxWk763zK3mxKf3eMQBGUrlkfrOG912xJC9t4sFxZQWKIiSOJ5uIwicEIJud_3QCa5ct1smyqUDcs0Pgezfuk5APd3vG5LXjK3BDBFozJ_jV4UueeV6wc0ZuyTfEjZKTEhedzCrXXDde2bDShaaw5kL3q5igDCK4XKae5AqVGiFMCQjiLnYMtixtvkFXEcKD3ntGYYnPK6mRKQ0a10d5aS7CDzXCCJQAVgq6E&sai=AMfl-YQ-UbrSwFwi8SoEavwOqibpENnRTKJyXVqWfHLPAu_0jg990meOsTuwRMs-ieI0JxZ-2_ffZBrrIKDAa0If8OCBvPBt1ZybKBWwMuQ3Ob51H9JD97IZm3J2C2jw0z9Q5iffGgJgh07JlEiLI2oThdcNIrU_jWTc_iz0QzgqV7x9UcuzxTJfCZYZDwjglfpAr4LrZ8qsRyUfnzm58qe8oo9UxyzZ4_-dd6ll_m-G_W50eLH2GEJLH5bFRBrfqWeTevjJ0AD5j4BEQyWW1FuEJh8LUBP7T_DMJoUSqQ&sig=Cg0ArKJSzPUyssj6zii0EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cm
us-u.openx.net/w/1.0/ Frame A21F
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK2V2p4DGJfC-vMBIAEwAQ&v=APEucNUCdww7CneEi-1MEew1ecuLDt7jwR9NqVSSFFWenvPsjVkzEg6AJXsF7WNFHCOwPb6tQnGU0EbI8xRt6uRiraT-G4aPZQ
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A21F 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A21F 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuic6481dq1-OX157qtnhAuKPfX_rMI2UW84WMiAIfjjFjo-PgHuWMJTwebm-f3CckWP-dD77R4EMl4bebTVcLr9yB3DDoEAlenJC66FbTmpQQtPa_Bpv3SIw&sig=Cg0ArKJSzJc7hIFuO8sZEAE&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784129&avm=1
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A21F 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEkb9yhP6beknwfO5WAM-9NlrAEOCb1NQoAgAEEah1fNjcoxYCgIr0oC6yLJByaTyw8LKNG1LX1UAP9WKxCQHS34c_sAQFyl5g_YQ-8hc9C4QoSxTwcWTH4KsBvS-xTo4&sai=AMfl-YSZfn57U5oOLfDpX52z5UmjGAy2GASV7zwgpgTHnswlJ-Wb06uQOu3O2mMZKaiUqU7WbgtelnJbQVwzyOqJnS3HzT08rRPytUm9P_280CGyJa2Fb2y_-wDMohcJz2o-97NaBmNf6FA1-mgFPc-c&sig=Cg0ArKJSzGF8whAdwsUWEAE&cid=CAQSTgDICaaNrSZpZ7ao_m-XGU3cuyNHFnuji1GmhqHLxhqNXi4HrL2xOH2tsRDX5zFYn_S9O5K5GXFWR4k-Au7560RkSinU4tzcZDW2JJDPSBgB&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784129&avm=1
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cukg99AlRZYnJB8SYid4PxOed6ALu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoElQJP0FbB-PwM780MeoQGcfJ6Cga4jPHgC6B5YB1uRfOB1hDNEasJRP7nauLkP0x-qxvPX9nrfM8ojouqsGZPkTnRJsA75coja15DS-68alQbag7SJ6TXcYiVDiUUyWKugrWGePXXFjSt-q5pCm5FiHJleyyK1-5BXDHnoyvnohzHg7B7BfTIsvJbAIdpn7hwNSqKlL8PW6MD57e8UvuWGnszqO7tb2C38CG4lt1P_tZWPmaIhvgbH2Ar8TreThn3b6BFbqsacRGHrvxUKxq-ynWRxYBv4Kjxfp2nnvUvuYfUCrXnQG_lOZJbdvlgn_1hnPO7qrkm0Hw3PtZf8Ob4OW7bJW6siKHH9Y2EbK4KySreQOOr2o-NwASp4LCIwATgBAOIBfahwr1MkAYBoAZ52AYCgAf1mKCcA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCNmUqASwCALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwUKhIKEOS0sQLutbEC5LSxAu61sQKqDQJHQrATuKCtFcgTrrnU4wPYEwqCFBoaGGVtcGxveWVlbG9naW5wb3J0YWxzLmNvbYgUAtgUAdAVAfgWAYAXAegXBQ&sigh=C8oESV6p2V4&label=vast_creativeview&ad_mt=142&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699809784129
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
0
r
on-device.com/ Frame 72A9 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on-device.com/r?campaignPk=9icck4na&dspPk=vs2b4tce
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.149.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
Wed, 1 Jan 1992 00:00:00 UTC
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72A9 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI26mj8vy-ggMVi6D9Bx3_GQHIEAAYACD8yNRd;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 72A9 		0
0
dc_oe=ChMI8cb28fy-ggMVqGvTCh3l8g2sEAAYACDa0eddOhoIrZXangMQqeCwiMAEGK651OMDIIr3iL2GEkITCIbGhPH8voIDFRtOwgUdIm0GmA;dc_rmcid=CAQSTgDICaaNQ7x1z6o_66i9VOCslMd9Leo6WCbtTA86YB3mCq4K3dihnlLvJ5Son77-mkCpV5q...
ade.googlesyndication.com/ddm/activity/ Frame 72A9 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 72A9 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjb3K9AlRZYb8Bpucid4PotqZwAnu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoEjgJP0M9DB4PQbQAGN-fGUwqEN2AE8brRldieBB06AaOWUXjr4Vt0aoLi_AYaujPzMbMDTbnnRqpbNS7lq_9Y6gcWRedsUigLrUQXvP5FZxUV01zaBmgmkQoXuwVJw_CVNdAw9rRpjIoXolLypFDzm67f1Fj8ZhChcSn5XIsOAgBy1Z_BWBfI_3PcVgiDMGfsVWEl-fHbjtW1HbJMx97y_uXa_Q1jdfvHvvv3x1wB1V5HHRw4P1N_iQBExpSGYqs38GeBy_BCuecitAY0bjqyj2V_nYvi8Y50fNxPjap38tfxYWU3DGvym17cTEBFTBu1VoNglOFDn-SjAKjn78jd6GwYcUarzF8o10O7ulfGa2fABKngsIjABOAEA4gF9qHCvUyQBgGgBnnYBgKAB_WYoJwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI2ZSoBLAIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK7u7ECqg0CR0KwE7igrRXIE6651OMD2BMKghQaGhhlbXBsb3llZWxvZ2lucG9ydGFscy5jb22IFALYFAHQFQH4FgGAFwHoFwU&sigh=ggqHT3OnQMo&label=part2viewed&ad_mt=27&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784211
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 72A9 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHArPKIYf0Td5fs3wPRXx50BesjgeJg25rQoGgDSNCL92qefdGZjZE8f624vhCYPXPm5KN7aMNlwV2xchxOQaMnWH80Bt20CahtMPLmxRDjfmB9gshQHu2hRvFj7elX2tmI8FmhsjTqKiAQaWeNCq72B3vGRwCvyPxfwA-aMTms6dE451kMb04vg&sai=AMfl-YSLLRWDPe8HgCXcCBBHan6sAtRIhW1U_Lxaj_qCaK0QAgeAW1UwVjbxA9iVj7F1ww2dWngVcmNJOJr1IGurm4RkWFlELgAMv2Z9Pw&sig=Cg0ArKJSzIWaEyVhgqP6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel.gif
obo.moatads.com/ Frame 72A9 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obo.moatads.com/pixel.gif?e=0&g=0&ac=1&bq=7&f=1&gh=0&hc=0&i=OBO_VAST_WRAPPER1&t=1699809782&de=589320914&vz=589320914&d=30217569%3ADBM%20TP%20-%20668871754%20-%20TRA%20-%20DV360%20888189431-Pepsico_UK_PepsiMax_Inhouse%20%28HFSS%20Restricted%29%3A373317506%3Avast&bo=undefined&bd=undefined&bp=&apif=7&zMoatOrigIKey=VID_PEPSICO_ESSA_DCM_VIDEO1&zMoatGSR=1&zMoatADV=10873605&obo=1&rai=ROKU_ADS_APP_ID&oa=[STOREID]&yd=-1&zp=21&app=-1&gu=-1&id=0&ii=11&cdom=-1&uai=-1&inst=-1&psz=-1&pst=-1&cs=0
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 12 Nov 2023 17:23:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 72A9 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWBYssEjTvV5nOaZj35jrOBkGWuez7U2GRVrXNy9Uf3pqItoNcVM7NEvY1-196UC9JWiCGPC2Q4xKltphGJAOy2QrFb9uxiude5_XAGCam_7ydVwnTDZFdIy6Wdik3wCwIqewtGCKG9KAHmVLiBaLBJSCrQLc-snnF_jBYsP8t5T3YL17pYf41-hQsx-fQf0iaQpBi8ZtP9GLqUuYueIZG6S3xuTLzePPUv3Pj57yunn0b5biwXHlEF1tjJ9F7tIjfN91iwiCdDrJFTV-NfXuMirTPNEin1b7FGMAB-0TyDVhwdKCz-8mYjW0i9z1s2rqDtpRBvQpk7nLQV7-8v0utQnMdqV-nZVXVJRuZ431eYVjoWzoRablmNvU4GpwbjLuQCKUlpotwUhGMOGY8-gJJnEXzKnLR4-jv68VVPiSgIv5lFArIKL6g4_1VNZHQiIh3P0zg_-17IyX_7W5QhZyBoCSu8NHdmfAahAbTvhMvKGlnuS07q1NqDhVUG3yQanqq8LJ0IdmJMXt329VGswoHjvZJ-JxyuUPtv4ilTYooAu8LB9OYI19M24BwlZvIBiwa7oUeo-bUosx1hipRyXhC7wm5TmcU_iCUS7M_36oRkozmOytlBA7jqDNUCBavD8dpjE_oW2-A-ZDvNV5yiDB3wfc-KW8wMNQitGoRzSJeYhLOrx1VcVP5CKFRwc6PLbK6ByPsqQQZuQnxu6evk_lXFeL5DUuf4ufl2DkaALXFjRu0MfACSnp0edDTGjBVgxIt-b8yoIQDJOZBigpldUg7t7NTKJPBBjpMs-RJv5OJ7NhQDCNPLCszmHRuihh90Ki0SRZ_alsWu5ONb6tZdMybfmUOQWLBxPknfBLWYqFjEJ7zya17KE3DMrY2NY-xTXPRjR1np_8xfZzpYqLEokWlzO7JMBbicjjo4nPGNhoT-kSA-ptwAdT-uh1Ukjewx3rJr_qsOMXa1Lfpz5Iu_SMFyVOaXW02BHh0MoY0Sb2sYmKS7ld58hSp8hgTbsfKYO_XelK4oDCupvysHtkS9hJh5wRF_dNq8PuJ1u5FKns1AeaGQsbDICbr7QxJK9EY4Jc6Xxd-RQ9RNiCf1YTMZ64NrDHDyp7jmWcJrxTjfD1tXUmgvql8QVqqnUSdVugRDs1eYmyfQOWouseWCmTatDwQx3TK0-aRBTfO6ekhkPVgqzq12yJA6SqkOtduvSlTtLkQvZ8rGq0P-vAsa0dJuMSUkzVD4ePRNyfgLeSwJTRorl6c7FguOj1o_aaNajpXlBlmvukrulx5TPzmgXe3Ujsbq-G8wxeigikr3jtYMrjTj42ReMSNgONyA7FwXfgyi4VYVDRO1H0bO71IHPI&sai=AMfl-YRHrzRn3TgEcc3QlszZmVW9ADfeEEI7lPzLHldtb0-R0PQuD1EWK3xEEL4e19z47l-iMy8-vxw1-O2Gl95YYkdQWScm53sqJ0WBqqNhhRJsu5yz8z9jOqgbYl7f-VFPreHIQDJe8sfUfkIrcRkvVYI-fH29PfmeY-P4gb_2JQHSrtFS6YvkwuBsNYF1yYqdHPt_Ghi58yixy44kdxOQJAqLg4kXaeMdZw-pzOLDJZYIm6W5dPZ4WBlG5ht17eXldwVuLykvCCKCYxGv_G0Sx3CLnLfkM-gtifE3Qw&sig=Cg0ArKJSzFN4IKrQ1A0iEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 72A9 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrY-L4CEK2V2p4DGJfC-vMBIAEwAQ&v=APEucNXR8XnGE3LiciBnISGtsL8IQU1gg_f1W3_bigYzRHZAKgdhaWkB8-6uReNLYoM_RWfMlxOjeWIsDNawfRxPEUXnafjD7A
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 72A9 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 72A9 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 72A9 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjb3K9AlRZYb8Bpucid4PotqZwAnu-P7pcor3iL2GEvAuEAEg5M34e2C7hoCA0ArIAQWpAq1iYcWIg7Q-qAMByAObBKoEjgJP0M9DB4PQbQAGN-fGUwqEN2AE8brRldieBB06AaOWUXjr4Vt0aoLi_AYaujPzMbMDTbnnRqpbNS7lq_9Y6gcWRedsUigLrUQXvP5FZxUV01zaBmgmkQoXuwVJw_CVNdAw9rRpjIoXolLypFDzm67f1Fj8ZhChcSn5XIsOAgBy1Z_BWBfI_3PcVgiDMGfsVWEl-fHbjtW1HbJMx97y_uXa_Q1jdfvHvvv3x1wB1V5HHRw4P1N_iQBExpSGYqs38GeBy_BCuecitAY0bjqyj2V_nYvi8Y50fNxPjap38tfxYWU3DGvym17cTEBFTBu1VoNglOFDn-SjAKjn78jd6GwYcUarzF8o10O7ulfGa2fABKngsIjABOAEA4gF9qHCvUyQBgGgBnnYBgKAB_WYoJwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI2ZSoBLAIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK7u7ECqg0CR0KwE7igrRXIE6651OMD2BMKghQaGhhlbXBsb3llZWxvZ2lucG9ydGFscy5jb22IFALYFAHQFQH4FgGAFwHoFwU&sigh=ggqHT3OnQMo&label=vast_creativeview&ad_mt=27&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699809784211
Requested by
Host: employeeloginportals.com
URL: https://employeeloginportals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&slotname=9138567344&adk=1151606242&adf=1850635622&pi=t.ma~as.9138567344&w=820&fwrn=4&fwrnh=100&lmt=1699598363&rafmt=1&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809779535&bpp=2&bdt=675&idt=389&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=394
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 72A9 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame F46D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAeBMNQE1o3KV4e6gT6WzJM&google_cver=1&google_push=AXcoOmRJwyou7r44DFZVrefMPZY4dJq6l7MIjKhbFceGib0T2tFojqVZTRXmIHi2-N3V-pUI1r1kHdwliIkL0-Vl31_lGCYvLG5TWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame F46D 		0
0
google
match.adsrvr.org/track/cmf/ Frame F46D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAvZlCduOxJ_wbDs3_Eph20&google_cver=1&google_push=AXcoOmQcRu4XFVEVJSUU-a0wyJd8aRZ552jbHGUw_FBqlZogpzUg5UZgQoOTzx81BUL_-Iv4fJJuKNcHjzcD5MNh8_vdyvSpyLj5uw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F46D
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH0TtQxXESrPDxtqjvfLnsw&google_cver=1&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-YI7ArVoJFAw_jZ0gw&google_hm=hmVRCfevQ37ztsn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-YI7ArVoJFAw_jZ0gw&google_hm=hmVRCfevQ37ztsnUeA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D655109F7AF437EF3B6C9D478BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRfm4ClxhGIQ4RrzqjP7QDS5z6kDVy6dAyWX4sV2cQFaGUVw-4PyumAUqqDYY2rJKmJFdXu2R---wyZ-YI7ArVoJFAw_jZ0gw&google_hm=hmVRCfevQ37ztsnUeA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D655109F7AF437EF3B6C9D478BLIS
date
Sun, 12 Nov 2023 17:23:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F46D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENIp1yOPOQr9_BXFqgBgpCY&google_cver=1&google_push=AXcoOmS1BWyVk-I9BB4_Xnrw6zpCusm2WiAolzxcSC3qpuLMuw3nCms94VGIIJjFyPBzC_ul4A0fKLZL3roDS6CSmuHxSOo...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1BWyVk-I9BB4_Xnrw6zpCusm2WiAolzxcSC3qpuLMuw3nCms94VGIIJjFyPBzC_ul4A0fKLZL3roDS6CSmuHxSOo6G9fv7A&google_hm=eS1fODFQMkM5RTJwR2FZ...
0
0
usersync.aspx
dis.criteo.com/dis/ Frame F46D 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQNbFAcD-miJgKQNS23IQjG1KDutmcUhHJN0m8vQ-FnZhy8jj2AwFXdhMOuz--ejBbfsIPfZqouY4G7r2lHwbkdx8fHy8tjqg&google_gid=CAESEKiu4tcgqiddmnekPKA8fQE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
324670
expires
Sun, 12 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F46D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDr8rsi5chM3NHU61pWjDZ0&google_cver=1&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5nq...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5nqTD6zLx6ZJ9nvJScfHlhX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:23:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIwNDA3NTE4NzAxODYwNDUzNg&google_push=AXcoOmREeMYbdUUuGTS_pu8VH1pkvGcgWSZvYZxLD17CHqIwCnlJd6DzfcGoB-M6x6nx0CTS286_A5nqTD6zLx6ZJ9nvJScfHlhX
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame F46D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2WCxp48Zk3SClHYw_u8VcPuESdBzpyG4Y7Lne4EUytwv_27H2AGRfrgh1INNDG1Fi02Pk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9340358673009042&output=html&h=280&adk=2546437900&adf=1208920853&pi=t.aa~a.2287860736~rp.4&w=820&fwrn=1&fwrnh=100&lmt=1699598363&rafmt=1&to=qs&pwprc=8720699785&format=820x280&url=https%3A%2F%2Femployeeloginportals.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699809781617&bpp=1&bdt=2757&idt=-M&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C820x280%2C820x280%2C280x600&nras=4&correlator=7978397381970&frm=20&pv=1&ga_vid=2750680.1699809780&ga_sid=1699809780&ga_hid=573924306&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31079438%2C44807460%2C31078301%2C31079382%2C31079588%2C44807764%2C44808148&oid=2&pvsid=2326258049932949&tmod=1883670684&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 12 Nov 2023 17:23:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CD0 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11152216217484;ec=11152247944009;adv.a=6974260;c.a=30230368;s.a=3665299;p.a=371660852;a.a=564151750;cache=916593797;
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJQJ5nZhcrZ4ZCsPh6vSnAA&google_cver=1&google_push=AXcoOmQxTvIM6QrL1JHyvCTm0cVihGpZ_YlKEvpgl5vcdxP6BUe9Wm92wpFWQwtntpnsMmWsCGetBes2M12zDWHy8qKdDvdJ2OWoR4PFsw
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1aWj8vy-ggMVjqD9Bx3MkAW7EAAYACD8yNRd;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784129;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgOj38fy-ggMV5OTeCh2hFg8jEAAYACDa0eddOhoIrZXangMQqeCwiMAEGK651OMDIIr3iL2GEkITCImThfH8voIDFURMwgUdxHMHLQ;dc_rmcid=CAQSTgDICaaNrSZpZ7ao_m-XGU3cuyNHFnuji1GmhqHLxhqNXi4HrL2xOH2tsRDX5zFYn_S9O5K5GXFWR4k-Au7560RkSinU4tzcZDW2JJDPSBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D141%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D251319255%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784129;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=9~lovquv31&c=4854621573240&slotId=2427310786620&qqid=CImThfH8voIDFURMwgUdxHMHLQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&dm=10000&event_name=first_play&asset_bytes=212615&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.38w~ff.39b~videopreviewstarted.39c
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI26mj8vy-ggMVi6D9Bx3_GQHIEAAYACD8yNRd;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784211;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8cb28fy-ggMVqGvTCh3l8g2sEAAYACDa0eddOhoIrZXangMQqeCwiMAEGK651OMDIIr3iL2GEkITCIbGhPH8voIDFRtOwgUdIm0GmA;dc_rmcid=CAQSTgDICaaNQ7x1z6o_66i9VOCslMd9Leo6WCbtTA86YB3mCq4K3dihnlLvJ5Son77-mkCpV5q9TQvRjGP_N-AMRO8oxpb6wjksvx7h7_DJBxgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784211;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3-QUY5Dww7RqPZxJlAtSK8HuL8xKmPz0SqvzHWwVvz48QmgoPwKgXlt5N16_DPT9fL-aIwtf1ChrpO-oQ12pM6JF0Pt53zJ6lHQuH8te_2GTqoNsc0fLkxg&sig=Cg0ArKJSzGEA5a4XV6NeEAE&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784211&avm=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3J6as7FT0PhywX3fPtWkb-C6BUChf8sMGG8ne32KNJYhKI-_nurfFwImrhzOkgz8FRJILD4NoLAwM-wlJWrpiRwSGM1WqSa0BViihvP0fRTHNB93lY62Qpv9f0xkRuWM&sai=AMfl-YTvwhIiU6upcjBstbdtYN93baugPx7ZDuCjCi3kwZBR6-Pt8S0C5e-dNbWlqXUgDGjW_SnDqWevJf_fHP1_gTuWJeuHAAXytSov3a24hs5dLJUc3PJ3SrAsQ8g_Ivt8dbRb5m373YIF00erit4Y&sig=Cg0ArKJSzCzdRhCba_XKEAE&cid=CAQSTgDICaaNQ7x1z6o_66i9VOCslMd9Leo6WCbtTA86YB3mCq4K3dihnlLvJ5Son77-mkCpV5q9TQvRjGP_N-AMRO8oxpb6wjksvx7h7_DJBxgB&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D26%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D612594078%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699809784211&avm=1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=9~lovquv2y&c=1174622766579&slotId=587311383289.5&qqid=CIbGhPH8voIDFRtOwgUdIm0GmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=485&mt=video%2Fmp4&vs=720x406&dm=10000&event_name=first_play&asset_bytes=213684&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.3ax~ff.3b3~videopreviewstarted.3b4
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEPte0JlSUKhNPWLEqNVCzTU&google_cver=1&google_push=AXcoOmR-FsVocHUN9v1j_sO5F7LSgQuJnAGuUJJoEWzYwbQ0k-cABsN7QG_lDN8WFaEZXBhNYR0i-GsU3aE_I0yPxvPPyYKGsD9tgg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR-FsVocHUN9v1j_sO5F7LSgQuJnAGuUJJoEWzYwbQ0k-cABsN7QG_lDN8WFaEZXBhNYR0i-GsU3aE_I0yPxvPPyYKGsD9tgg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1BWyVk-I9BB4_Xnrw6zpCusm2WiAolzxcSC3qpuLMuw3nCms94VGIIJjFyPBzC_ul4A0fKLZL3roDS6CSmuHxSOo6G9fv7A&google_hm=eS1fODFQMkM5RTJwR2FZZ1JUWEVsekh4RnVnRGRZdE40Yn5B
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0Cmf9QlRZZyZMo6cid4PpJO08AwAAAAAOAHgBAI&bg=!FxSlFFvNAAZxrfrxUa07ADQBe5WfOK9zPnO1WPfa4JvFd5QhDaN4rLfnXEM-GigKek7fegp0Hnky_ylbFJNmhQgdZ31UAgAAA1dSAAAABmgBB5kC9J-wZnJ1oONn4FEG-WhcUpb2HByO06Ep8JELLctx4xal9vH9xSvKPwh8KyxtV5jMQHvXvSf5Tsn7HcGDU3hRAJWhgOGM0Z_vCXdP1up6kyCg8eE4HW6UKXd5_JTdyU4dOzj2JbO4_k-WanMUXSqiKyo6Jjz4CpcRiofY4WZumd7aaInJqVUxV0v7U8kTLdv963pImDFfrTDAnsQv3RutVR7JxE6oX_Nm11Q2N5HY9wswYN9Eh9ULy_UQPvsySTvlVIXnjzHfMPSwXyfoSDV3lU2EsElHnfHWnNRrbhXwh2rdQqrBRQXtnmEpTRuJuRtUeR8yZtLMNrah6DpOSlc-7aJGecx-Jpd9xejMTMeRapq-SEPY5blasPhydXE8lrSU_kvXDkB_IOBnxCB9slb6P9myPV7TieGuONGqIig-u_sGTaL-xAQMieL584BN6utXPOC0oKM8gwFqLQ0yEoTLKVC9_u_hJ023fU3PJjK_LoIHa7sGk9XvbbyEI9W2uBS75jog58ftYQKgYJBwJHQDfnPO2JtHixSRpsecJ8JuzMa5wQ0vPamTpxpbhu8YEsApG_YycLTwczaa9VV2Saza0Vrjo7YtCTgiu3j_AKz6JsA0zMNYV7JMr_AAw2cMs8CIT94U_tOicu_C6MrRELllVNtxEqSZ-nvG0unRtX_ek3vNNOyy7F8X7ooaH2Fz6g5okCARPyLF_CVF0bo_BwYigJ3vKF-YQvH7Xe2WqNOqNkhh19nO9n_nIFGvp83KYFwDb5x62AVsgxOmHAEmahyTEtJZ_t11ci_He0o62k4DtdYGSd2cTXiEY7bsMT1J0fDVepnHPyjtrZueKXyD_0ZNQXG1d3IrNwj9zlZm55WwCOZqy26z1qg0CMUfHGkQrIS1U4zMB3kxvGzyet31ONaN8v9JUoOuKOnU5N3rztpT6YLYecq0da0AoYJ42gTcKtORPeqKN1p7WgnKn7_AphXW9_U7OsxRI4fRSRSX694sDtqpv5FSGw

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| adsbygoogle object| wpcf7 object| wpilFrontend object| tocplus function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| generatepressMenu object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery object| swv function| wpil_link_clicked function| openLinksInNewTab function| hasParentElements function| makeAjaxCall function| callWithJquery function| callWithVanilla function| getLinkLocation function| st_go function| linktracker_init object| wpcom object| hash object| qs object| pathname object| hostname function| LazyLoad object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| google_user_agent_client_hint object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

33 Cookies

Domain/Path Name / Value
.employeeloginportals.com/ Name: _ga_FWS1JGBEMF
Value: GS1.1.1699809779.1.0.1699809779.0.0.0
.employeeloginportals.com/ Name: _ga
Value: GA1.2.2750680.1699809780
.employeeloginportals.com/ Name: _gid
Value: GA1.2.1100863952.1699809780
.employeeloginportals.com/ Name: _gat_gtag_UA_192926347_1
Value: 1
.employeeloginportals.com/ Name: __gads
Value: ID=64f3ccaf3b392aa8:T=1699809779:RT=1699809779:S=ALNI_MayRw2VPC5IEfpkGpZbkzdnpb8Yow
.employeeloginportals.com/ Name: __gpi
Value: UID=00000cd7b835f81f:T=1699809779:RT=1699809779:S=ALNI_MbtVxxmTad4UGdPD8lyel1yjZQ5yg
.doubleclick.net/ Name: APC
Value: AfxxVi5zlgySEKU4yMAKucpQD6-72Lc7I82Bg5ivtSR5OS-LStoSwQ
.doubleclick.net/ Name: IDE
Value: AHWqTUl2avKjEcP31tv5e6PVQdzI01Z971o-ma5bBNLHYDtpJHjxk7EqcqfYQQ2rJWA
.adnxs.com/ Name: uuid2
Value: 2574581000989305106
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBPYJUWUCEDWWk4SMQZ3GHq0n2NjWyPgFEgEBAQFbUmVaZQAAAAAA_eMAAA&S=AQAAAsvhYJPLB65uC1nJ76JCY-4
.casalemedia.com/ Name: CMPS
Value: 335
.casalemedia.com/ Name: CMID
Value: ZVEJ9swyHxMu3YfBT7xuSQAA
.casalemedia.com/ Name: CMPRO
Value: 717
.adform.net/ Name: uid
Value: 1204075187018604536
.rlcdn.com/ Name: rlas3
Value: HhfT0MUalTJ2JniOPFVra2d6v4BE5eskEyOw4CKO8XM=
.ctnsnet.com/ Name: cid_5caecc96f7834097897d015fd2c053da
Value: 1
.ctnsnet.com/ Name: gid_CAESECKWuur8zkSQGxCRjIvt0f4
Value: 1
.blismedia.com/ Name: b
Value: 655109F7AF437EF3B6C9D478BLIS
.rlcdn.com/ Name: pxrc
Value: CPeTxKoGEgUI6AcQABIGCOndKhAA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVEJ9wADRryQYgAU
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlcL/nt.!A#G+.TOKKnyW<U1`VROYQM-:`u.0oEVaN*<zj8MZg?$j:wI)/:cl//f`bG><QG=%9sk@3@'s>T:^dgQ
.turn.com/ Name: uid
Value: 4002734518935736318
.simpli.fi/ Name: suid
Value: 42BFC68BC0A9498F9B0D1825E3CCE57B
.addthis.com/ Name: na_id
Value: 2023111217230300073072490117
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 655109f795dc7921
.addthis.com/ Name: ouid
Value: 655109f70001cfe3de7078358b96ace316218451f9fbe2b2172b
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20231112
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://ad.atdmt.com/i/img;adv=11152216217484;ec=11152247944009;adv.a=6974260;c.a=30230368;s.a=3665299;p.a=371660852;a.a=564151750;cache=916593797;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://s0.2mdn.net/sadbundle/5652536573653377701/index.html?ev=01_250
Message:
<link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
allportalhelp.com
bid.g.doubleclick.net
c0.wp.com
c1.adform.net
cdn.doubleverify.com
cdn.pathtosuccess.global
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
d.turn.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
employeeloginportals.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
images.dmca.com
imasdk.googleapis.com
ipac.ctnsnet.com
match.adsrvr.org
obo.moatads.com
on-device.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.wp.com
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-aigzrn7d.c.2mdn.net
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
stats.wp.com
svastx.moatads.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.tribalfusion.com
ad.atdmt.com
ade.googlesyndication.com
cm.g.doubleclick.net
csi.gstatic.com
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
104.18.36.155
130.211.44.5
142.250.185.230
142.250.74.194
151.101.130.49
178.250.1.9
185.89.210.90
192.0.76.3
192.0.77.37
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
216.58.206.34
23.192.153.172
23.213.165.236
23.35.237.56
2400:52e0:1a01::852:1
2600:9000:2490:2600:19:8ca6:3640:93a1
2606:4700::6812:18ad
2607:f8b0:4008:813::2003
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4009:34::6
2a02:26f0:3500:d::1732:83c8
2a02:fa8:8806:21::1690
2a05:d018:d29:3601:af70:5903:a54a:226c
3.123.104.22
3.33.220.150
3.69.104.214
34.96.105.8
35.186.193.173
35.204.158.49
35.244.159.8
35.244.174.68
37.157.5.84
43.230.201.8
51.89.9.253
52.212.149.111
64.233.166.157
68.183.21.49
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
057dfcfe9e3a20acde49c7fbb325fc03f36faa88bffdf98d3d8d3388a4e1b670
08b37aca16a892d64ffcdf0714db663160d388dfe6df8920177ef788b5501535
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9d4ef2923a2bd080b4a88e29aeff2962a55ece93b23153328504299c5349b7
0f2757037b0891098cb0e503a5fc5a33b58da2eb8c4cb3d1b78c4d9c8af81223
12079d726c73d0d9debe4f0ebbc24fcbb1c22368d83192cb3c65b66c951fe2f6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
182decfd09b5faf8a5bdce5b6069a7e8983511e0e2f256b3da5765aa4d9ab933
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
1b8ea3665c171dfb165266c135c84516e4add691e3ecbf4f03b3272557cb70e2
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
207a26ecddc902a457338bf04b417424694888725642fe55cbda5f5619ed546c
2099ed9fd0d035b21bfb21ce40406581b80827f6b783b8692272a84dd647b85f
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
27fa9cffaa69ea8a651822c45c47f26fe5e7633d843052034670c8a6785877e5
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
30eae664aac82efc26b3c95c4c34396fd7e040bc938952a284f7f0bff39b6081
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35cb73d18e66a622b886c0f6ad9e43a6cc006f12b148d0a8d58178041761a01b
36218f42a8cdf80af1ee54a7993cc3efd72a0e8e6953e4a72ba15e17baec9fdb
37a4a4183661fb6b71d68caa308f109d17194642c3bd3b5c661b46d21f0ad889
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
3f0c8b3969f58cc9605c9515e33c5ea1e49b60600be464f0a27846d702bcdd94
3fa4a476ff82236290ed4fdb176ecfb32438dccbf19335035f37dbf6ba4f1dca
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43541b392c10da0cab8d5052273bedf1d06d3222344838146c4721a727a1f9db
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b607f7e2e10048f170f82f9e9ca51f9166f0ef6eb5905d45cc9345a92dc1cf
43f3906be65c9a5aaadfc9035d0aa0a050d1bf44ba959a8862add5a4b540448d
45251d9898b156c5358d5f140631f0a905d0bccda559f1c8a903ec8415653cbb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9b2e73b2962f3ae3ff92475340f6e4153940f9e882c7bb20cb9649557330f9
4af9dac8fb9b63a0212749b1d6a4466fab62ba560c630c71b378c1fcde550797
4b170e386b751bdfb11355a5c691c162347b26806471b67271a058eb55b35dcd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e213333a0380556049d579d12bd28ea169343ee6ab4bd9bd0919861d14e230b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d
5949da0708724baa0704df69c1b28a87aabd9ba72b493ad373f53443e2f884f4
5bf560531b19403fc01c74792ab141006e71e8df4d43271d640af09154318f9b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d1dfe664e40212b463e2754344e0ec023d19985855c9828f6110546cb9f8129
5ec3cf85252834067a897cd02dfef64c9c7353987ba6db879474da3a113caadc
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
72d1920418b14c93f834f9ecc1564359c6836f5f8dcc806c3334f7dfbbf86965
733b2a2837f6831d00fdd9091eed0004767e49faec87e0d1872271eb932fcb9c
7806e25ab43b0091006bcaf91798a983ba12050380a4954c41ef87a92b7753e2
7958fa31c40cea048863922557272e6db969a2d59958be36dba7a2f1c6fc3f20
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7eb9062180fa69fedb8b35848f99e9a7d90e8666719f7294b19673dafdc275e1
7fa973c2980f4f8311124cdd6d45644674246ff34f015534dd6e20e1eeb228d7
8015708c6edc59c89075ae7b2ff81442960b9db69d22f0591fe46377926826be
81dc3ed27de564018bf520378a8471736a07b73ff502fe5075554ecaaa3ff276
831a95adadcaefa084022039d0b505b234bfc2e1452b4483aa024c5904a6565a
8435e0f0f31e208f66007b24d23843a302ccd85e6709d310e05702aa3ae4f265
859a6f67969de5163d8a634a415b5b21bef92eae03968b0825ac1d099eaec920
85e77a0d5fa80528fe1bc360d15b05d100972b5f30502f539a182779de08d993
88f21490128244f54a38864c301f0c9be49f323f6da36c5f5a6bd02175647ada
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fd2ea79dea5e27405b945c57031dc9f1a3a864317961b99921c624b8d99b06d
90007725a25ce46d7eb3a86a87f2b5da2b82564dc09d1f85ffeef5d25851d67a
9141d5d16717af6987fb2a65da7a1fb2bb46806f3eed523f1f8cb92ce2f420b0
935916fc24df85645ca123f762cac02f2cc4f04912299553e5846176b75c2e69
9987b013c4f186e1f2aafbb28ba9a97d2803af2562b0ca30d93ed992c06b7341
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ef40f05c030889ccc2c4ecc4e18278f68cba224a1969915c71bcdb9ed535979
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a53078b0ce8b07b2a7033969301849e5a5035aef1339486be74619b375b9c67d
a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6
a850bec7d3e3899fb7cd2c2cc7b4118f5a90525b240a3240dff327d9b5efe02b
ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb
acc450e36554c51b060a3ba51573e0995338c05e3ab60dc20d171c1ad825d966
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bed39580de7ed847757d5f722885d7b9ab21ca4c393074c8b62c1719991ffa45
bf81cd39db0030faa0e128af3d5195e498bf19958faae75ba5ea16d590eccc10
bfc74007a5da34364b70616b6ffadd05fa20152073a517793c9bc10634a92e8a
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
bfe9c21c59176a9f692d94b43d38dfce36091fd53da0ea68f4244d54cd3e05c3
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c3bf443ee738ca0da96a918a1509c493b4a063d4fdba845574ae26333efc6ebf
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb068a653639dcb56965adaba3ab222cbe12841ede3b9adbcf66d98d5883847c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d63bc89e40b4d59b309802e263af951d8149cc40bc45741ac06636f82589c5c9
d7cbb16c11db9f2d7ef179daf620425dd028396d23bc54957d80926b8ab08905
d810a330c0eccc3f3bc2c9f03da33eedc9609200e40c8a381be93c469cde3ebc
dd7962eec21572c5424221fa39990ce0bdb8f0a0dc844d296753edf21b7f31ea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df34d2910dcb02c9e047650d2337592fb95b5cfcd6f880a1f984950cee23a83d
df88df96f09d9747755aa2b1f44bc857078fe9a8b6807897ed99d366d7271b20
e02b48b88352a0c0f5c14ae6cb7949cfa9bffd9743bf53f6ab8fd10459d91179
e16949ddc6955212354ffc84430f66c0e94fd0963fa98b0bc64286a7d6a74f54
e16cc0dcb6483e969661ee10c7752f3a9462a547b7b78279eac970808921a2da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a6b332ce0e1d7e9ffe36470190a421acd4bd6c6e70cd377a80c19b92cd06d0
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
eaefda0e11e3d0db2006f032c54bdd35d80efff177eb3c8b45f86150905b4538
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebebcda3c139e459329cc1aa4c572920fd341b0eaed3826f26675f5f6cd5c7df
ec46b59f5d0f8942aa460004d2b3d97a8c21ee3831230944efb60adc14984ef3
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ed08a8c628a233937d08123ded989ebb25e93b1453d807f833f11f0d88ea111b
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ee926bad896113a52f4e3569a62edbc25151de83552e3cf90d51fb5b13de95f7
ef0a8154545152706f731b9264995110cfff95d06f4b18e87714b404a9b453f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f271360c544394f70c29284d881571e3b69ee6fa4a3a41d81c5a3d074cbeff4f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f432344f23b093067ffbc631fc546bfca646bf05f4df5073289d47976d86d855
f47a34b015d1426116bca27758e1c6023111ae030224b7848a701bcfc4e930fe
f4eaf827f727b343b1f0231d654fa69162b98bb479e34fbc8fb0acbf8333129d
f866f4e0712a9c8d4a0113381fcc5dc95462e94db30652a5cefd56b3a7091671