www.dduguonline.com Open in urlscan Pro
2606:4700:3032::6815:550b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dduguonline.com/
Effective URL:
https://www.dduguonline.com/
Submission: On March 21 via api (March 21st 2024, 10:58:29 pm UTC) from US — Scanned from US

Summary HTTP 61 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 17 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3032::6815:550b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dduguonline.com.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.

This is the only time www.dduguonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3032::6815:550b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
1 7	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2 2	23.36.85.188 23.36.85.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:ae80:145... 2606:ae80:1451:24::730	25751 (VALUECLICK) (VALUECLICK)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.216.123.11 44.216.123.11	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	54.210.145.203 54.210.145.203	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
61	16

6 2606:4700:3032::6815:550b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dduguonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dduguonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.98 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.85.188 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-85-188.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:24::730 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.216.123.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-123-11.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.235.90 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.145.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-145-203.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	548 KB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 353	103 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	91 KB
6	dduguonline.com 1 redirects dduguonline.com www.dduguonline.com	79 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5498	888 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 3968	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1499 r.turn.com — Cisco Umbrella Rank: 6873	888 B
2	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1221	1 KB
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 11117	600 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 2192	35 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 7835	465 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	76 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	90 KB
61	17

	Domain	Requested by
15	tpc.googlesyndication.com	www.dduguonline.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.dduguonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	www.dduguonline.com	www.dduguonline.com
4	www.gstatic.com	www.dduguonline.com googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.dduguonline.com googleads.g.doubleclick.net
2	www.googleadservices.com
2	dclk-match.dotomi.com	2 redirects
2	px.owneriq.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	a.c.appier.net	1 redirects
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	mweb.ck.inmobi.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	cdnjs.cloudflare.com	www.dduguonline.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.dduguonline.com
1	dduguonline.com	1 redirects
61	22

This site contains links to these domains. Also see Links.

Domain
www.xamstudy.com
www.youtube.com

Subject Issuer	Validity	Valid
dduguonline.com GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.dduguonline.com/
Frame ID: FD162A64410B0D94103CDC250CAD5740
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&adk=1812271804&adf=3025194257&lmt=1694179112&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.dduguonline.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061902196&bpp=7&bdt=263&idt=348&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8397078530262&frm=20&pv=2&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=436
Frame ID: 6869EC39539EF2001E1AB6114BF4088A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&h=280&adk=3361079494&adf=2307165312&pi=t.aa~a.3705073637~i.3~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694179112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7780890400&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.dduguonline.com%2F&fwr=0&pra=3&rh=200&rw=1500&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061903373&bpp=4&bdt=1440&idt=4&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8397078530262&frm=20&pv=1&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=4087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Frame ID: AB4ED37D299C117F527BA88E5F2451F3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 31E3532777623665015591012A208E56
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 2D22A71DDC499D5C7BBBE2A8CA3267A9
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js
Frame ID: DA1BDFB01A12B36776A3CBC3DB1CA052
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A069063DC9C183C9A1B10C398D890170
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js
Frame ID: 22DB0DF4731F7E42404C07CF1D8C89D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2D7A1A03C796DFB0F1821550ABF5006
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8A36AC8882263A79DDD40DD1A1AAAD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DDUGU Question Papers All Courses All Part, DDUGU BSC Papers DDUGU दीन दयाल उपाध्याय गोरखपुर विश्वविद्यालय, गोरखपुर Deen Dayal Upadhyaya Gorakhpur University, Gorakhpur, UP

Page URL History Show full URLs

https://dduguonline.com/ HTTP 301
https://www.dduguonline.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

89 %
HTTPS

65 %
IPv6

17
Domains

22
Subdomains

16
IPs

2
Countries

990 kB
Transfer

2493 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xamstudy.com/gate
Title: GATE

Search URL Search Domain Scan URL

URL: https://www.xamstudy.com/gpat
Title: GPAT

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8i5o0lcnqEWXJKn0ayzg0Q

Search URL Search Domain Scan URL

URL: https://www.xamstudy.com/
Title: Xam Study

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dduguonline.com/ HTTP 301
https://www.dduguonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1&google_push=AXcoOmTMcgD1UGcnwQ5PL8IkPaAM_ol_adUrPHaX7IBKuUyi7Be3_KUhQBl4rbsLWpwEO6peC-L9tn6IZWgWJuwzLzJSgOccg3p7NR4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxODYzMDAzODAxMTU2NzUzOA==&gdpr=&gdpr_consent=&process_consent=T HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1

Request Chain 41

https://px.owneriq.net/ecmg?google_gid=CAESEETVfilSL43nk0tIdNOLlEw&google_cver=1&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c%26google_cver%3d1%26google_gid%3dCAESEETVfilSL43nk0tIdNOLlEw%26google_hm%3dUTc2NDM0ODMwNDIwMDQxNTcyMjA%3d&uid=Q7643483042004157220&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c&google_cver=1&google_gid=CAESEETVfilSL43nk0tIdNOLlEw&google_hm=UTc2NDM0ODMwNDIwMDQxNTcyMjA=

Request Chain 42

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_cver=1&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOUmALOnVJmprAfs2hi5yIdNP9ykUT3Uu04xIyti6ELyxIYFtkE HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1e664f7f932121e&is_secure=true&networkId=14000&version=1&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_cver=1&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOUmALOnVJmprAfs2hi5yIdNP9ykUT3Uu04xIyti6ELyxIYFtkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGb8Z1MIW7gANtCjDkAAAAAAA&expiration=1711148304&google_cver=1&is_secure=true&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOUmALOnVJmprAfs2hi5yIdNP9ykUT3Uu04xIyti6ELyxIYFtkE

Request Chain 43

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=1&google_push=AXcoOmR7NHpMkrfzwWEgjYFXgQZgKjvv2uKSywV0GMCA_2XnzV_2b62C6bqDX-trL7or8snez4ZDi_qwakl_gcBYtfy-FdkO3R5Ri8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWE0YjQwMjEtYmU5OC00OWIzLTk4OWItNGMyODIyODUwMTM5&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=1&google_push=AXcoOmR7NHpMkrfzwWEgjYFXgQZgKjvv2uKSywV0GMCA_2XnzV_2b62C6bqDX-trL7or8snez4ZDi_qwakl_gcBYtfy-FdkO3R5Ri8E

Request Chain 45

https://a.c.appier.net/gcm?google_gid=CAESEEPKNDSPiMIk8pP0vDzAT30&google_cver=1&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQetGyyojMtRzznHMm87Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aXhkaGZfZldDQ0NYaW1YTGtMdjhaUQ%3D%3D&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQetGyyojMtRzznHMm87Y

Request Chain 46

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENkrBHYuLiDpRFd9MTz-nTo&google_cver=1&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmSZ7xeN_oEtWXO-iGV8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4y-uDU_vVMV75925iL2UoGAJ-SI&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmSZ7xeN_oEtWXO-iGV8

Request Chain 50

https://googleads.g.doubleclick.net/pagead/adview?ai=CQZ7tj7v8ZfD_GeOWo9kP-f2ymAzCiv3CduSb5KucEsf1jo8MEAEg3fb0dGDJ7o6LwKSMEKABnpH6nSrIAQmoAwHIA8sEqgTUAU_QxRWkcIreXaY76AaxtiKXRMJfaC95eIRzPqu2023P3aXljYA8SD3M4cVBOikB4n0RfIwJVYKg0DgFaAdiuuEhXVvZanxLJpeW8Fr3qJ8ZmFASJM2pn6kJZyLMQBam_XnSwBM6-UewmNCuyM3L5uLl59VLNysHAQohM3-fe3BN8vjTXjQhW1YfwDYl6UivwPYB5hkrm2TsY9txpoX8ZiRXtRaAdsivqQc2-sl-3SSEiveqdJuavkLCiG1CtIH1jzcZ8YOH11b_9OnjMCF3OgsDC9uJwASngoCKzwSIBcKgybRNkgUECAQYAZIFBAgFGASgBi6AB57Jyv0EqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQ6M4T0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WLHnxKe6hoUDmgmjBWh0dHBzOi8vbGlmZXN0eWxlYWxpdmUuY29tL2NvbnRlbnQvaGVhbHRoL3VuZGVyc3RhbmRpbmctdHJ1Y2stYWNjaWRlbnRzLWFuZC10aGVpci1pbXBsaWNhdGlvbnM_YV9jaWQ9NzcyNCZhX2ZlZWQ9cnNvYyZhX3ZjPTI5JmhwPTEmcmFjPVRydWNrK0luc3VyYW5jZSZka3dzPUdldCtDb21tZXJjaWFsK1RydWNrK0luc3VyYW5jZSUyQ0JpZytSaWcrQWNjaWRlbnQrQXR0b3JuZXlzJTJDVHJ1Y2tpbmcrQXV0bytJbnN1cmFuY2UlMkNBZmZvcmRhYmxlK0JveCtUcnVjaytJbnN1cmFuY2UlMkNBY2NpZGVudCtMYXd5ZXIrTmVhcitNZSUyQ1RyYW5zcG9ydGF0aW9uK1RydWNraW5nK0luc3VyYW5jZSUyQzE4K1doZWVsZXIrSW5zdXJhbmNlK0NvbXBhbmllcyUyQ0NoZWFwK1NlbWkrVHJ1Y2srSW5zdXJhbmNlJTJDQmlnK1JpZytJbmp1cnkrTGF3eWVycyZtYXRjaHR5cGU9JmtleXdvcmQ9Jm5ldHdvcms9ZCZkZXZpY2U9YyZhZHBvc2l0aW9uPSZzb3VyY2U9Z29vZ2xlJmNhbXBhaWduaWQ9MjA3Nzk3ODIyMTAmYWRncm91cGlkPTE1ODY2NjMyNjMxMSZhZGlkPTY4MTIzMjI0NTUyOCZwbGFjZW1lbnQ9d3d3LmRkdWd1b25saW5lLmNvbSZ0YXJnZXQ9JTJGbGF3JTIwJTI2JTIwZ292ZXJubWVudCUyRmxlZ2FsJTJGbGVnYWwlMjBlZHVjYXRpb24mbG9jX3BoeXNfbXM9OTAwNTUzMiZsb2NfaW50X21zPYAKAcgLAdoMEQoLEKCH38Xlw9zU9wESAgEDuBPkA9gTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNTI0OTc0NzE4NTcwODU1GACyGAkSArNPGC4iAQDoGAE&sigh=iolkAvz5t44&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAB7FLtqGIHU3cQU3P-VaJYcTLZGKz92btP2lrmBTvRH48J8v_TlJI_kHiG3QrNN-6gB_mxALj9-k5R0IBgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x504c3546f4f4fea30000000000000000%22,%222%22:%220x5a696a0805fffd6e0000000000000000%22,%223%22:%220x20b9c900691b97c20000000000000000%22,%224%22:%220x2a58df2a05b946160000000000000000%22,%225%22:%220x74ff11588989da080000000000000000%22},%22debug_key%22:%2216512751842664986315%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestylealive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211337107614%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222560772621565447649%22}&andc=true

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dduguonline.com/
Redirect Chain

https://dduguonline.com/
https://www.dduguonline.com/

32 KB
6 KB

1067ms
1017ms

Document
text/html

2606:4700:3032::6815:550b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dduguonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:550b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0582fc00a3d6253c8f6d396ced70ba4352a5b1672a863360da777a384e65aa2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86818bd0bf2b4bd2-BUF
content-encoding: br
content-type: text/html
date: Thu, 21 Mar 2024 22:58:21 GMT
last-modified: Fri, 08 Sep 2023 13:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmCpqldOHR9pgvoHoirO1RXEzizvA1KQIvFlawqUlV48b7RJrlt0GKfzFDoWPkqohMma%2Bvjpy9K3Nn7rdJVr8HQQsNMkmVj%2B4zaFWE7fNMwz4SE0Itmt%2BTPnPlDE3yfIWvINTD9jSPWP%2FOw70s7uZ546"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 86818bd03ed04bd2-BUF
date: Thu, 21 Mar 2024 22:58:20 GMT
expires: Thu, 21 Mar 2024 23:58:20 GMT
location: https://www.dduguonline.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64O5aawaJZGzs99E8A29l%2B%2F0mUW3UoiqjhAJ12nPFkqgxGYFsGBnQoQVIeeqgqsezXu0CPUNpjM%2Bwzq6Fsxjk7DEiBnY3UJBonc7L%2F0iNkEVDNsjqwl2GQCoQzb9A%2BowSouCEARsfhmS9xni6F0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 195ms
105ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PDDPVQCWGK

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efe40713b8a2b4ca1115bfadc049d29925273b278067328b75b6ad0a369af86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 22:58:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 196ms
110ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab92862e1c4ecd4815d2e687a2a6d177a06c7f0c142d394fd774e12e1fd2b802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 8001122332863834214
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 22:58:22 GMT

GET
H2 200 xamstudy.css
www.dduguonline.com/data/ 95 KB
22 KB 1557ms
1553ms Stylesheet
text/css 2606:4700:3032::6815:550b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dduguonline.com/data/xamstudy.css
Requested by: Host: www.dduguonline.com
URL: https://www.dduguonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:550b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e77f0ff8cc30bf06bdba582b445f4f1d434e7b4ee211b137a0bdafe5c53831

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 May 2022 12:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"960171-17ced-5df0bd0d290a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLvxKKsqeiysGUKlKLTyzlnvccxE1Envq%2FMDeGQR7EzLaCo75jg2W%2BoTuYKybCGjZ4yiQHTadrQqLkkK85BPljwhm4xFGUh%2B5jgANgN1VHoiY4xwglf4Ya27Nijbzn4QlalZwzYoqTpPBHvqAAhJnS3w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86818bd739ad4bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 193ms
105ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Play|Keania+One

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b38f1ee5d588cc2d437f04dccccd91976550477d87a5dff8d3dc28e3b05895e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 22:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 22:58:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 22:58:22 GMT

GET
H2 200 banner.webp
www.dduguonline.com/data/ 7 KB
7 KB 819ms
817ms Image
image/webp 2606:4700:3032::6815:550b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dduguonline.com/data/banner.webp
Requested by: Host: www.dduguonline.com
URL: https://www.dduguonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:550b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027fba5c1a396fb2b32a2f00b2352ea729bd6d65c7c98c699403927b4bd8a03c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:22 GMT
cf-cache-status: MISS
last-modified: Sun, 15 May 2022 12:12:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "960152-1a10-5df0bd0a4a2f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FoooiJgGVL46Dug%2BTpp16FgIYCGjesUt7fhcQD3INiYJtYF%2BaIcS%2Fjo%2Bc17X9cPgsKFT5vZCJSMCaqFECigR6FumRPaE01ZJcyg60LTeos03fBj7pco5ZumScoSj%2BhAt%2F7rHVLAePuVmSAnj5CCvySj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86818bd739ae4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 6672

GET
H2 200 xamstudy-ad.webp
www.dduguonline.com/data/ 43 KB
44 KB 1355ms
1352ms Image
image/webp 2606:4700:3032::6815:550b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dduguonline.com/data/xamstudy-ad.webp
Requested by: Host: www.dduguonline.com
URL: https://www.dduguonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:550b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480f33296702f8839dd8377a1cce618f5ed1b45eec6e635757b736f5774507e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:23 GMT
cf-cache-status: MISS
last-modified: Sun, 15 May 2022 12:12:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "96016f-ac8a-5df0bd0c2f34b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bF7OZRooZEOlmB4VFLV2OYtAW5KBTyt0SnbtsoAVwkFZ79NKCjZmD1TTbJ1vKNGXjvnarHglAswAZZCw69G2uwjAsD1aL5PGoVRSaUXeNbq2Pv1qDWYJXPqWNS4Vgy9NTARdVbi2HgPYgKm9f%2B7WssQW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86818bd739af4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 44170

GET
H2 200 email-decode.min.js Show response
www.dduguonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
27ms Script
application/javascript 2606:4700:3032::6815:550b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dduguonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:550b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 10:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fc0d6b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHG0%2FrPFTq7at9PcayDEvHlr5xY8PzIo%2Bsk07r1f8AAo7NNlZwjGPZkpm4msjyhEug26f4DGlmeT79MGvEg01wI%2FgHSql0C3f29OdIliATKQzMyvsXCvMEgfpaLDZRGczfh9oacANUlDFM8ES%2Fe%2BUG%2BW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86818bd749b44bd2-BUF
expires: Sat, 23 Mar 2024 22:58:21 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 146ms
139ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2407a21d69534fb214aec9f1e9a9475e91f74311de38c6aac9ec0ea440c59c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141441
x-xss-protection: 0
server: cafe
etag: 12785031930967089837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 22:58:22 GMT

GET
H2 200 6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 18 KB
18 KB 146ms
49ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Play|Keania+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dduguonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:07 GMT
x-content-type-options: nosniff
age: 141015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18088
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:48:07 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 252ms
43ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PDDPVQCWGK&gtm=45je43k0v879101453za200&_p=1711061901956&gcd=13l3l3l3l1&npa=0&dma=0&cid=868544934.1711061902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711061902&sct=1&seg=0&dl=https%3A%2F%2Fwww.dduguonline.com%2F&dt=DDUGU%20Question%20Papers%20All%20Courses%20All%20Part%2C%20DDUGU%20BSC%20Papers%20DDUGU%20%E0%A4%A6%E0%A5%80%E0%A4%A8%20%E0%A4%A6%E0%A4%AF%E0%A4%BE%E0%A4%B2%20%E0%A4%89%E0%A4%AA%E0%A4%BE%E0%A4%A7%E0%A5%8D%E0%A4%AF%E0%A4%BE%E0%A4%AF%20%E0%A4%97%E0%A5%8B%E0%A4%B0%E0%A4%96%E0%A4%AA%E0%A5%81%E0%A4%B0%20%E0%A4%B5%E0%A4%BF%E0%A4%B6%E0%A5%8D%E0%A4%B5%E0%A4%B5%E0%A4%BF%E0%A4%A6%E0%A5%8D%E0%A4%AF%E0%A4%BE%E0%A4%B2%E0%A4%AF%2C%20%E0%A4%97%E0%A5%8B%E0%A4%B0%E0%A4%96%E0%A4%AA%E0%A5%81%E0%A4%B0%20Deen%20Dayal%20Upadhyaya%20Gorakhpur%20University%2C%20Gorakhpur%2C%20UP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1692
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDDPVQCWGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dduguonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zOL54pXJk65E8pXardnu-cNkvg.woff2
fonts.gstatic.com/s/keaniaone/v24/ 10 KB
10 KB 100ms
20ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/keaniaone/v24/zOL54pXJk65E8pXardnu-cNkvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Play|Keania+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d856552b605c6960cae67c63f75da10b254f6d97c7e4b080d75cbf9df613aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dduguonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:46 GMT
x-content-type-options: nosniff
age: 140496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10304
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:53:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:56:46 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6869 204 KB
55 KB 617ms
528ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&adk=1812271804&adf=3025194257&lmt=1694179112&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.dduguonline.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061902196&bpp=7&bdt=263&idt=348&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8397078530262&frm=20&pv=2&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=436

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a11a62a6c54f2bcce9652bee63f7daa298e7e7ae877d2ddf0b7b60b04bcee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dduguonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 22:58:23 GMT
expires: Thu, 21 Mar 2024 22:58:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 105ms
104ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed14514f1f54c5f8fb42dbcd11bebd11d77288e78ec5e09b6db9ad281d374b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57717
x-xss-protection: 0
server: cafe
etag: 10142177106260718594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 22:58:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB4E 124 KB
42 KB 417ms
415ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&h=280&adk=3361079494&adf=2307165312&pi=t.aa~a.3705073637~i.3~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694179112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7780890400&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.dduguonline.com%2F&fwr=0&pra=3&rh=200&rw=1500&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061903373&bpp=4&bdt=1440&idt=4&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8397078530262&frm=20&pv=1&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=4087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbf5f3461743da6b7dd850fae22410e2e362e00cf88f8aec8c11b172b52de745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dduguonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42934
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 22:58:23 GMT
expires: Thu, 21 Mar 2024 22:58:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 93ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/data/xamstudy.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dduguonline.com/
Origin: https://www.dduguonline.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:23 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 508321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXnOyInTyinAKSLEtDs%2By8O5FAV%2ByQloz4b%2BEXO81XJFVyh5ypjCf1wej1ElSEo3hMR5ounz9Ux0Pju4ee3I250H0rf9NwxwPrfnw8q6FU95k%2FGwpelD%2B7DSk8Jfkq6fNIH%2BwP8Gdk%2Bo25v5sdXck2Sl"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86818be158334bd3-BUF
expires: Tue, 11 Mar 2025 22:58:23 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 31E3 9 KB
4 KB 31ms
30ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dduguonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 14095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 19:03:28 GMT
etag: 5035419970550746386
expires: Thu, 04 Apr 2024 19:03:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2D22 6 KB
824 B 50ms
49ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 22:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 22:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 22:58:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2D22 2 KB
875 B 161ms
61ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 2D22 23 KB
9 KB 138ms
40ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2D22 3 KB
1 KB 137ms
40ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2D22 20 KB
9 KB 134ms
37ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2D22 206 KB
62 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 23:35:24 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame 2D22 36 KB
15 KB 110ms
33ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:56:51 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 31E3 15 KB
6 KB 156ms
69ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:22:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31E3 205 B
296 B 108ms
42ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:01:03 GMT
x-content-type-options: nosniff
age: 136640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 09:01:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 31E3 604 B
920 B 107ms
41ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 05:13:37 GMT
x-content-type-options: nosniff
age: 150286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 05:13:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 31E3 22 KB
9 KB 148ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:22:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AB4E 4 KB
679 B 56ms
50ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&h=280&adk=3361079494&adf=2307165312&pi=t.aa~a.3705073637~i.3~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694179112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7780890400&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.dduguonline.com%2F&fwr=0&pra=3&rh=200&rw=1500&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061903373&bpp=4&bdt=1440&idt=4&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8397078530262&frm=20&pv=1&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=4087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 22:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 22:33:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 22:58:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame AB4E 2 KB
856 B 41ms
34ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame AB4E 23 KB
9 KB 33ms
30ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame AB4E 3 KB
1 KB 36ms
34ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame AB4E 20 KB
8 KB 34ms
32ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AB4E 0
0 126ms
51ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMu2bfTS7PA93_W3U1M7MGFO_s9dPL0zJaDx7Hw9p3ly-TPcn2FI8eFEo32_dUZGTtiBZcHikLRaSK27ELX6GUc8meUQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&h=280&adk=3361079494&adf=2307165312&pi=t.aa~a.3705073637~i.3~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694179112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7780890400&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.dduguonline.com%2F&fwr=0&pra=3&rh=200&rw=1500&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061903373&bpp=4&bdt=1440&idt=4&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8397078530262&frm=20&pv=1&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=4087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB4E 206 KB
62 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 23:35:24 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame AB4E 36 KB
15 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:56:51 GMT

GET
H3 200 tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js Show response
pagead2.googlesyndication.com/bg/ Frame DA1B 51 KB
19 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js

Requested by

Host: www.dduguonline.com
URL: https://www.dduguonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60d1e5e52922911e87c02f0d774fd441b6918b54d78d6b2f75161d69219ba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19875
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:44:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6032650429284018325/ Frame AB4E 43 KB
44 KB 34ms
33ms Image
image/jpeg 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6032650429284018325/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cfec7432e45d1d28383f28e583fb418ee0b54d674351b1746f9757c795e135b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 07:53:33 GMT
date: Wed, 20 Mar 2024 07:53:33 GMT
x-content-type-options: nosniff
age: 140690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44171
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 07:48:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12542831284815368637/ Frame AB4E 1 KB
2 KB 53ms
52ms Image
image/jpeg 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12542831284815368637/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28f95fda313f6de37976500f0bd0362a874ea0bb3c6046f384885cfaed0bb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:58:20 GMT
date: Wed, 20 Mar 2024 08:58:20 GMT
x-content-type-options: nosniff
age: 136803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1509
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:07:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A069 1 KB
643 B 32ms
30ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 54690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 07:46:53 GMT
etag: 48472445140208031
expires: Fri, 22 Mar 2024 07:46:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AB4E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbdf0440f7ced6a1e24754356d5e256238e50277b7cf91a7dba01be92ecd2c31

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A069
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1&google_push=AXcoOmTMcgD1UGcnwQ5PL8IkPaAM_ol_adUrPHaX7IBKuUyi7Be3_KUhQBl4rbsLWpwEO6peC-L9tn6IZWgWJuwzLzJSgOccg3p7NR4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxODYzMDAzODAxMTU2NzUzOA==&gdpr=&gdpr_consent=&process_consent=T
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1

43 B
398 B

70ms
36ms

Image
image/gif

2620:112:f008:200::101
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1
Protocol: H2
Server: 2620:112:f008:200::101 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Mar 2024 22:58:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHymFyLkgePToOOG-WGkEXw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A069
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEETVfilSL43nk0tIdNOLlEw&google_cver=1&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfE...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c&google_cver=1&go...

170 B
232 B

73ms
72ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c&google_cver=1&google_gid=CAESEETVfilSL43nk0tIdNOLlEw&google_hm=UTc2NDM0ODMwNDIwMDQxNTcyMjA=

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Mar 2024 22:58:24 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQHRrY6a6nsyd6Um2jse75C3-GKBwSKJdDjJx2r_6ek4YBSNlgO4ScsQiePOgsfEnoRjRG2I9Bc_c-gx2NyzCoFg_h11NzuC3c&google_cver=1&google_gid=CAESEETVfilSL43nk0tIdNOLlEw&google_hm=UTc2NDM0ODMwNDIwMDQxNTcyMjA=
Content-Type: text/html
Cache-Control: max-age=68320
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A069
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_cver=1&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOU...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1e664f7f932121e&is_secure=true&networkId=14000&version=1&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_cver=1&google_push=AXcoOmRJi8XVm...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGb8Z1MIW7gANtCjDkAAAAAAA&expiration=1711148304&google_cver=1&is_secure=true&google_gid=CAESEM-LrcdviCleu2YdGz5WZ...

170 B
188 B

52ms
51ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGb8Z1MIW7gANtCjDkAAAAAAA&expiration=1711148304&google_cver=1&is_secure=true&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOUmALOnVJmprAfs2hi5yIdNP9ykUT3Uu04xIyti6ELyxIYFtkE

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGb8Z1MIW7gANtCjDkAAAAAAA&expiration=1711148304&google_cver=1&is_secure=true&google_gid=CAESEM-LrcdviCleu2YdGz5WZeM&google_push=AXcoOmRJi8XVmYQr6ltCaURwx-hVNzuEsFwJ_7hNUpKT2h3mG2jrvOUmALOnVJmprAfs2hi5yIdNP9ykUT3Uu04xIyti6ELyxIYFtkE
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A069
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWE0YjQwMjEtYmU5OC00OWIzLTk4OWItNGMyODIyODUwMTM5&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=1&google_push=AXcoOmR7...

170 B
329 B

74ms
74ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWE0YjQwMjEtYmU5OC00OWIzLTk4OWItNGMyODIyODUwMTM5&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=1&google_push=AXcoOmR7NHpMkrfzwWEgjYFXgQZgKjvv2uKSywV0GMCA_2XnzV_2b62C6bqDX-trL7or8snez4ZDi_qwakl_gcBYtfy-FdkO3R5Ri8E

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YWE0YjQwMjEtYmU5OC00OWIzLTk4OWItNGMyODIyODUwMTM5&google_gid=CAESEJXxyABJ3G3oXgvqdp4pC1w&google_cver=1&google_push=AXcoOmR7NHpMkrfzwWEgjYFXgQZgKjvv2uKSywV0GMCA_2XnzV_2b62C6bqDX-trL7or8snez4ZDi_qwakl_gcBYtfy-FdkO3R5Ri8E
date: Thu, 21 Mar 2024 22:58:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame A069 0
35 B 128ms
36ms Image
text/plain 44.216.123.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEHJ1YLIhTyOYQqKiQEsfCxA&google_cver=1&google_push=AXcoOmSvxc_TYEcgIMe6EQAZ3xfGdIr8OQqlW-UiXgH0F1ZoxaIaoX7x84IWXnoKFOrr25I6PGwzTg9IZz0WLlSiXerVOtWo1hFFqII
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1524974718570855&output=html&h=280&adk=3361079494&adf=2307165312&pi=t.aa~a.3705073637~i.3~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694179112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7780890400&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.dduguonline.com%2F&fwr=0&pra=3&rh=200&rw=1500&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711061903373&bpp=4&bdt=1440&idt=4&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8397078530262&frm=20&pv=1&ga_vid=868544934.1711061902&ga_sid=1711061903&ga_hid=1846168080&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=4087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081793%2C31082023%2C42531705%2C44798934%2C95320377&oid=2&pvsid=4397243766396049&tmod=98696874&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.123.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-123-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A069
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEEPKNDSPiMIk8pP0vDzAT30&google_cver=1&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQetGyyojMtRzznHMm87Y
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aXhkaGZfZldDQ0NYaW1YTGtMdjhaUQ%3D%3D&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQe...

170 B
188 B

47ms
46ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aXhkaGZfZldDQ0NYaW1YTGtMdjhaUQ%3D%3D&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQetGyyojMtRzznHMm87Y

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Mar 2024 22:58:24 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aXhkaGZfZldDQ0NYaW1YTGtMdjhaUQ%3D%3D&google_push=AXcoOmTaJIqPVphI-EEZvQyXEZscfGyzcqaAgXuohp7Jk10T4iEBRkZM9qdoctYTCJ13M3clUkLN35dbyDiQetGyyojMtRzznHMm87Y
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A069
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENkrBHYuLiDpRFd9MTz-nTo&google_cver=1&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmSZ...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4y-uDU_vVMV75925iL2UoGAJ-SI&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmS...

170 B
232 B

78ms
77ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4y-uDU_vVMV75925iL2UoGAJ-SI&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmSZ7xeN_oEtWXO-iGV8

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4y-uDU_vVMV75925iL2UoGAJ-SI&google_push=AXcoOmTteTm1TdKQrobYf5XRheM9rJxhcIn9FBYTnee_fA1D0rPnHOhHGQtGCLp9dNf9nwsx67f6GoXHmVgWmSZ7xeN_oEtWXO-iGV8
Date: Thu, 21 Mar 2024 22:58:24 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A069 0
130 B 211ms
74ms Image
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0tlX61rucqoUFq1hGN-RjFQ53OzVV7bzCJXc2lhTaI0P_f35XNlQVW5O14pQx71STFKiq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB4E 16 KB
16 KB 48ms
37ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:57:26 GMT
x-content-type-options: nosniff
age: 140458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:57:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB4E 15 KB
15 KB 40ms
29ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 136436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AB4E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQZ7tj7v8ZfD_GeOWo9kP-f2ymAzCiv3CduSb5KucEsf1jo8MEAEg3fb0dGDJ7o6LwKSMEKABnpH6nSrIAQmoAwHIA8sEqgTUAU_QxRWkcIreXaY76AaxtiKXRMJfaC95eIRzPqu2023P3aX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x504c3546f4f4fea30000000000000000%22,%222%22:%220x5a696a0805fffd6e0000000000000000%22,%223%22:%220x20b9c9...

0
0

160ms
92ms

Fetch
text/css

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x504c3546f4f4fea30000000000000000%22,%222%22:%220x5a696a0805fffd6e0000000000000000%22,%223%22:%220x20b9c900691b97c20000000000000000%22,%224%22:%220x2a58df2a05b946160000000000000000%22,%225%22:%220x74ff11588989da080000000000000000%22},%22debug_key%22:%2216512751842664986315%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestylealive.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211337107614%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222560772621565447649%22}&andc=true

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x504c3546f4f4fea30000000000000000","2":"0x5a696a0805fffd6e0000000000000000","3":"0x20b9c900691b97c20000000000000000","4":"0x2a58df2a05b946160000000000000000","5":"0x74ff11588989da080000000000000000"},"debug_key":"16512751842664986315","debug_reporting":true,"destination":"https://lifestylealive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11337107614"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"2560772621565447649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 22:58:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 22:58:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x504c3546f4f4fea30000000000000000","2":"0x5a696a0805fffd6e0000000000000000","3":"0x20b9c900691b97c20000000000000000","4":"0x2a58df2a05b946160000000000000000","5":"0x74ff11588989da080000000000000000"},"debug_key":"16512751842664986315","debug_reporting":true,"destination":"https://lifestylealive.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11337107614"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"2560772621565447649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 174ms
111ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2519b6cbda06141c98fb34e44b346716a786e7a5a2e0a97c8566cc9e04df1aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12194
x-xss-protection: 0

GET
H3 200 tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 22DB 51 KB
19 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60d1e5e52922911e87c02f0d774fd441b6918b54d78d6b2f75161d69219ba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19875
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:44:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 176ms
89ms Preflight
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 22:58:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 22:58:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2D7 13 KB
5 KB 37ms
35ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dduguonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 81027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 00:27:57 GMT
expires: Fri, 21 Mar 2025 00:27:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8A3 829 B
1 KB 55ms
53ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5502facca0c97096b3a4de15830888808c67fe7698c5c624638627039e767528

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nHSRqqQccKv4bNMEteROMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dduguonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nHSRqqQccKv4bNMEteROMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 22:58:24 GMT
expires: Thu, 21 Mar 2024 22:58:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8A3 0
0 90ms
89ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=4397243766396049&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F2D7 40 KB
16 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F2D7 0
10 B 31ms
31ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Yt5s5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:58:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=4397243766396049&bg=!cHOlczzNAAZaswqNerM7ADQBe5WfOFD_WacbKFkHCS-_DNOKX6jDBFkhi0RZOgh02xQkzrPY-zDk-eKNahpD3OsWg3JOAgAAAG1SAAAABGgBB34ANfXMZ87EAa5ij0x7uIzCOhGA4ORDbkUcpMLMGOg_X18wtuCHmAHk5iQpFw1SJYQpT__gVxhTCgAjqDZ1bg_FZyMvjOMyXvo50nno1T8nNgp5GjZF7LVzPovsgQ-ZAnU78wznyrw3UjlRKgDHjWTqzORBLVGSDB6-Pqalgs9H1fJ4JqKnF34kSdz9H2KOPs2rgv8S5sfJiB8pclvJv7KynofRkCqBajXOMjzNs8qKmdJJUcZ6Obfs9DQN-ipjtpYCf8Nanxz4RJTDxFcMnsJurHTQf97JueH04VrEYkMc61UZ9DCWl12bFTSaOyo41NhxbBp_Z9uJhF69V0bBtbfFhaJBoCk_6aByF1DHMLJ2mqog4nePUsdOlUL3HwOzgYLaQU4LrUsGvY58wkFrqME4mcaJuNgchKqlxFiMSKAEAIE5YwfcApUXVUU71Cnq-fvX_Kqjzz66-N98PfDKCf4ZMKXbJFWRHyU0vppFern9p8IsXFk4VBrhvIemHF4JvYb2AZ8lh6zEkv7WIbcjzLY29xBWJ9XhnmM1zp0YI_rG6YYCnA4xp1sV4DsYLyJhg1KlMKjUqKAsBZ7LDaeVwaJWOXwtGkWcptMUcx1_LIUeJU0PXAGmXvAjK5Z5LRSKhJVdG27XPKvlrKnwqOaPijC7jxXkLv4Yad32p0anHrjDfku9Upai3y2TLu01Q_JxlrA02iG5ii6l5vg5Wzdk2ssWvljKuhPDoMStj5-t8CNdbkVDXabw0Bz1FZNlxqauFdPJuevOBgJ0_aAuA0BOtd_hE4rjFyvT19rfmuhWFKP2aJU_ytWMvAtD_SYi81w1dQV31JVnsp5srB8L_Yrla3vW94pOD-oZTnWt1B5YMcsLVazxKCIulUymIHIx1SJ6G13W-vKGIT6Yl1AC-O4xzb2q38dlgzn0svnxG5kubYgfd14EF-VfkQtLKjb6cUDeEy0iU-x7jA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dduguonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dduguonline.com/	1970-01-21 04:53:41	Name: _ga_PDDPVQCWGK Value: GS1.1.1711061902.1.0.1711061902.0.0.0
.dduguonline.com/	1970-01-21 04:53:41	Name: _ga Value: GA1.1.868544934.1711061902
.dduguonline.com/	1970-01-21 04:39:17	Name: __gads Value: ID=13341d05573e1855:T=1711061902:RT=1711061902:S=ALNI_MYIGbdgqQXTH2UI1UPA0k825vGLKg
.dduguonline.com/	1970-01-21 04:39:17	Name: __gpi Value: UID=00000dd481dc66c7:T=1711061902:RT=1711061902:S=ALNI_Mb4b6dW_tEimKwg1dBv3xOUmJkMmA
.dduguonline.com/	1970-01-20 23:36:53	Name: __eoi Value: ID=3630d3f4ea2469d7:T=1711061902:RT=1711061902:S=AA-AfjbKtw-Ndjiddcao84N6e1c9
.doubleclick.net/	1970-01-21 04:53:41	Name: IDE Value: AHWqTUkbM0OqZGIpjmhqpAOuOcF4T0PRxn7wEIY4VBMn0nhTAK99VMaoMcHkNi4QVnY
.turn.com/	1970-01-20 23:36:53	Name: uid Value: 2518630038011567538
.owneriq.net/	1970-01-21 04:53:41	Name: si Value: Q7643483042004157220P
.owneriq.net/	1970-01-20 19:32:05	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 19:32:05	Name: gguuid Value: 1
.inmobi.com/	1970-01-20 21:27:17	Name: idsp_c Value: aa4b4021-be98-49b3-989b-4c2822850139
sync.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id Value: s%3A0-e32fae0d-4fef-54c5-7be7-ddb988bd94a0.LE6ANdTsb8Qvo9Coh0LJqi5vh8JyLH%2BrP9BGhMBuTA0
.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id Value: s%3A0-e32fae0d-4fef-54c5-7be7-ddb988bd94a0.LE6ANdTsb8Qvo9Coh0LJqi5vh8JyLH%2BrP9BGhMBuTA0
sync.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id-v2 Value: s%3A4y-uDU_vVMV75925iL2UoGAJ-SI.o7fq1ieEbzJ%2BBMlSSNo6XJWqAiD2aeY1bCS2t2coVOw
.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id-v2 Value: s%3A4y-uDU_vVMV75925iL2UoGAJ-SI.o7fq1ieEbzJ%2BBMlSSNo6XJWqAiD2aeY1bCS2t2coVOw
sync.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id-v3 Value: s%3AAQAKIIeI244ankunpgL5BFLSFYYryGSd0OW5ZEtFnWGYb8r7EHwYBCCQ9_KvBjABOgT0QP71QgQgjKKj.fVBeAV9eTjp%2FOAkYAD5VNSgj2migeFysySVWdHrWfL8
.srv.stackadapt.com/	1970-01-21 04:03:17	Name: sa-user-id-v3 Value: s%3AAQAKIIeI244ankunpgL5BFLSFYYryGSd0OW5ZEtFnWGYb8r7EHwYBCCQ9_KvBjABOgT0QP71QgQgjKKj.fVBeAV9eTjp%2FOAkYAD5VNSgj2migeFysySVWdHrWfL8
.dotomi.com/	1970-01-20 19:17:41	Name: DotomiTest Value: 1e664f7f932121e
.googleadservices.com/	1970-01-20 21:27:17	Name: ar_debug Value: 1
.c.appier.net/	1970-01-21 04:03:17	Name: _auid Value: ixdhf_fWCCCXimXLkLv8ZQ
.c.appier.net/	1970-01-20 20:00:53	Name: _gu Value: CAESEEPKNDSPiMIk8pP0vDzAT30

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.dduguonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.turn.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dduguonline.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mweb.ck.inmobi.com
pagead2.googlesyndication.com
px.owneriq.net
r.turn.com
rtb.adentifi.com
sync.srv.stackadapt.com
tpc.googlesyndication.com
www.dduguonline.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.65.226
142.251.40.98
172.105.235.90
20.253.86.149
23.36.85.188
2606:4700:3032::6815:550b
2606:4700::6811:180e
2606:ae80:1451:24::730
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::2004
2620:112:f008:200::101
44.216.123.11
54.210.145.203
027fba5c1a396fb2b32a2f00b2352ea729bd6d65c7c98c699403927b4bd8a03c
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
2519b6cbda06141c98fb34e44b346716a786e7a5a2e0a97c8566cc9e04df1aed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3cfec7432e45d1d28383f28e583fb418ee0b54d674351b1746f9757c795e135b
40a11a62a6c54f2bcce9652bee63f7daa298e7e7ae877d2ddf0b7b60b04bcee6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
480f33296702f8839dd8377a1cce618f5ed1b45eec6e635757b736f5774507e2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5502facca0c97096b3a4de15830888808c67fe7698c5c624638627039e767528
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
69e77f0ff8cc30bf06bdba582b445f4f1d434e7b4ee211b137a0bdafe5c53831
7d856552b605c6960cae67c63f75da10b254f6d97c7e4b080d75cbf9df613aa5
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
ab92862e1c4ecd4815d2e687a2a6d177a06c7f0c142d394fd774e12e1fd2b802
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b38f1ee5d588cc2d437f04dccccd91976550477d87a5dff8d3dc28e3b05895e9
b60d1e5e52922911e87c02f0d774fd441b6918b54d78d6b2f75161d69219ba11
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c0582fc00a3d6253c8f6d396ced70ba4352a5b1672a863360da777a384e65aa2
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
d28f95fda313f6de37976500f0bd0362a874ea0bb3c6046f384885cfaed0bb05
dbdf0440f7ced6a1e24754356d5e256238e50277b7cf91a7dba01be92ecd2c31
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e2407a21d69534fb214aec9f1e9a9475e91f74311de38c6aac9ec0ea440c59c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed14514f1f54c5f8fb42dbcd11bebd11d77288e78ec5e09b6db9ad281d374b66
efe40713b8a2b4ca1115bfadc049d29925273b278067328b75b6ad0a369af86c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbf5f3461743da6b7dd850fae22410e2e362e00cf88f8aec8c11b172b52de745

www.dduguonline.com Open in urlscan Pro 2606:4700:3032::6815:550b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

89 %HTTPS

65 %IPv6

17 Domains

22 Subdomains

16 IPs

2 Countries

990 kBTransfer

2493 kBSize

21 Cookies

4 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dduguonline.com Open in urlscan Pro
2606:4700:3032::6815:550b Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

89 %
HTTPS

65 %
IPv6

17
Domains

22
Subdomains

16
IPs

2
Countries

990 kB
Transfer

2493 kB
Size

21
Cookies

61 HTTP transactions
1 data transactions