surl.li Open in urlscan Pro
104.26.5.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://surl.li/obljl
Effective URL:
https://surl.li/obljl
Submission: On December 09 via manual (December 9th 2023, 7:19:04 pm UTC) from CA — Scanned from CA

Summary HTTP 147 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 22 domains to perform 147 HTTP transactions. The main IP is 104.26.5.19, located in and belongs to CLOUDFLARENET, US. The main domain is surl.li. The Cisco Umbrella rank of the primary domain is 921943.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.

This is the only time surl.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	104.26.5.19 104.26.5.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 37	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
2	104.21.20.132 104.21.20.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.253.63.138 172.253.63.138	15169 (GOOGLE) (GOOGLE)
3 27	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
4	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
24	142.250.31.132 142.250.31.132	15169 (GOOGLE) (GOOGLE)
4	142.251.16.95 142.251.16.95	15169 (GOOGLE) (GOOGLE)
4	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
2	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
3 5	142.250.31.99 142.250.31.99	15169 (GOOGLE) (GOOGLE)
12	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
4	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2 2	172.253.115.139 172.253.115.139	15169 (GOOGLE) (GOOGLE)
2	74.125.174.135 74.125.174.135	15169 (GOOGLE) (GOOGLE)
2	74.125.172.201 74.125.172.201	15169 (GOOGLE) (GOOGLE)
2	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	139.162.117.143 139.162.117.143	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	20.230.171.39 20.230.171.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	54.159.180.193 54.159.180.193	14618 (AMAZON-AES) (AMAZON-AES)
1	54.208.142.99 54.208.142.99	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	3.213.9.240 3.213.9.240	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
147	21

15 104.26.5.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 172.253.122.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.20.132 (None, )

ASN13335 (CLOUDFLARENET, US)

web-screen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.253.62.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.31.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.31.99 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bj-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.139 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f139.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.174.135 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s49-in-f7.1e100.net

r2---sn-ab5sznzy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.172.201 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s41-in-f9.1e100.net

r4---sn-ab5sznze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.117.143 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.230.171.39 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.180.193 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-180-193.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.142.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-142-99.compute-1.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.9.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-9-240.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	552 KB
39	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	199 KB
18	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	82 KB
15	surl.li 1 redirects surl.li — Cisco Umbrella Rank: 921943	396 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	272 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r2---sn-ab5sznzy.c.2mdn.net — Cisco Umbrella Rank: 57502 r4---sn-ab5sznze.c.2mdn.net — Cisco Umbrella Rank: 79036	6 MB
5	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	881 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	1 KB
2	doubleverify.com tps.doubleverify.com — Cisco Umbrella Rank: 505	324 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 711	971 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	web-screen.com web-screen.com	614 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370	689 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 4896	966 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 8865	630 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	81 KB
147	22

	Domain	Requested by
25	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net surl.li
24	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
23	pagead2.googlesyndication.com	surl.li pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
15	surl.li	1 redirects surl.li
12	csi.gstatic.com	imasdk.googleapis.com
9	cm.g.doubleclick.net	1 redirects surl.li googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google-analytics.com	surl.li www.google-analytics.com www.googletagmanager.com
3	dsum-sec.casalemedia.com	2 redirects
3	ade.googlesyndication.com	surl.li
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ib.adnxs.com	2 redirects
2	tps.doubleverify.com	surl.li
2	googleads4.g.doubleclick.net	surl.li
2	rtb.mfadsrvr.com	2 redirects
2	id.rlcdn.com	2 redirects
2	www.googleadservices.com	googleads.g.doubleclick.net
2	r4---sn-ab5sznze.c.2mdn.net	googleads.g.doubleclick.net
2	r2---sn-ab5sznzy.c.2mdn.net	googleads.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	web-screen.com	surl.li
1	beacon.lynx.cognitivlabs.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	beacon.walmart.com	1 redirects
1	a.c.appier.net	1 redirects
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
147	33

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua
steamcommunitc.com
secom.com.ua

Subject Issuer	Validity	Valid
surl.li GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://surl.li/obljl
Frame ID: 69511E6D98C501C2098C94E9F0690017
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 903F06852F8BAA2925DEA50867F5EF1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1702149539&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539464&bpp=12&bdt=190&idt=133&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3119713424734&frm=20&pv=2&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: D4FB62579D7CFC326C9C973C44C195D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148
Frame ID: 14D773A9730B6C18680C8EFE7CFCC486
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: A44536541AF59394EE196FD84DC65F34
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x90&nras=4&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Frame ID: C812E4FC707C58E87B75D68DEC94EDC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x90%2C1200x90&nras=5&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=17
Frame ID: 322C539E0EDDFC6117F825E692620186
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 225E9C0D22AFF06E03E19FA0B0BAB73F
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 017F45EF0BB27372FE5E391485898D82
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DAC5556359C6F05F65BCDCAE9901A673
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0A86FF3A812661D4CE07981B6AB44417
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 927F6909BC37A3D553FD1AC7E72A004E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 8FCFC36B3036A0C22EDF754FAB5177EC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: E030FCA2F5C5FB714FF0756828919C20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2658CA920DC08125A04F3771D3CDC5E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0677556E7EC06B9538ECEAD1BC4178E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 63013DAA24A34B3ABB7A8BD02A208A6E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9CAE926053DF21F6B84F222CA007367A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 2C6EFA293A0447670660C514379AE7FA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 895CEFDB7C4B544310EEF707EB4103E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DDB45C2EADE846E9BB1EADE247D11AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surli redirect page

Page URL History Show full URLs

http://surl.li/obljl HTTP 301
https://surl.li/obljl Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

147
Requests

93 %
HTTPS

0 %
IPv6

22
Domains

33
Subdomains

21
IPs

3
Countries

8269 kB
Transfer

11235 kB
Size

33
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/en/vpn?utm_source=surl&utm_medium=menu&utm_campaign=menu_button&utm_content=menu_button
Title: Buy VPN

Search URL Search Domain Scan URL

URL: https://steamcommunitc.com/gift26482976473796
Title: 5 Go to site

Search URL Search Domain Scan URL

URL: http://hyperhost.ua/tools/terms/term-en.pdf
Title: The rules of usage

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/hosting
Title: Купити Хостинг

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vps-vds
Title: Купити VPS

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vpn
Title: Купити VPN

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/
Title: Hyperhost.UA

Search URL Search Domain Scan URL

URL: https://secom.com.ua/
Title: Secom.com.ua

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://surl.li/obljl HTTP 301
https://surl.li/obljl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://gcdn.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8016B39C09845DD0DC814EF55114AA93555CDC84.8E9C9C4F8FAD2D47A7892EAB19E78FDCFDCD1FFC/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CFBE3340159FCFD0F306676B706E7CDF8100205.79AE87CE6BB597852C3D14E3EB05ECD7F6CFEB41/key/cms1/cms_redirect/yes/mh/v7/mip/185.193.64.66/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1702149148/mv/m/mvi/2/pl/24/file/file.mp4

Request Chain 90

https://gcdn.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/99C67DA1BBB0C1513E5468FBB54A876AC8492BC5.2E6D1AC4744160F7B40E66BD8618808CCAB16F85/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEC3D945CA6224BA1269BA300A663EEA46C661C.095C08D0D9B8C366F6D2211C0AD6E37877C6A9E8/key/cms1/cms_redirect/yes/mh/4J/mip/185.193.64.66/mm/42/mn/sn-ab5sznze/ms/onc/mt/1702149148/mv/m/mvi/4/pl/24/file/file.mp4

Request Chain 97

https://googleads.g.doubleclick.net/pagead/adview?ai=CPtr7pL10ZfaxG4uj_gSOhbCgCfnOzepoxuXrrJoQ2a_ulPIjEAEgz8ndb2D96KKB8AOgAZvnsf8DyAECqAMByAPJBKoE2gFP0KGcTskOxf408mOW-fnRW9U0rwGd-xSqLgs_imzlh2Zd9OyYmVdHrjJ7xjS-JkV0j7HML9_qXtnE-En3QYgkKoTlBc-HW09QufWuziDCiXK7Yuyz7tBXACC-KSN1tyakzVt5OQ38sWMU45UlRneXj4x5APNvMf3JudNTySug7nE12H01L2y0ahat-9xPKgu3H6EtUm2IZTn6P-_EIwfoiaBQIrYV5DlneVczVqi6WXilScVMFvYR2rtlN7or3QjIYWm6RxwSRl9aZhqq7AgW7L2M0VrOK6GznMAEqeKps8kDiAXay6fgL5IFBAgEGAGSBQQIBRgEoAYCgAfNmE6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC2gQPSCB0IgGEQARgfMgKKAjoCgEBIvf3BOlih7tmViYODA5oJxwFodHRwczovL3d3dy5jb2JibGVzdG9uZXNvZnR3YXJlLmNvbS9jb250cmFjdC1tYW5hZ2VtZW50LXNvZnR3YXJlLWRlbW8tMjAyMj91dG1fY2FtcGFpZ249R29vZ2xlJTIwRGlnaXRhbCUyMEFkcyUyMDIwMjImdXRtX3NvdXJjZT1wcGMmdXRtX21lZGl1bT1JbWFnZSUyMEFkJnV0bV90ZXJtPUdvb2dsZSUyMEFkJnV0bV9jb250ZW50PURlbW8lMjAyMDIygAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLaDA8KCRCQscyAoJjLexICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTIxMzQwNzE4ODQwNjc5MBgA&sigh=DuJg3U6FvaA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNuh85MuQsPcB9SgzUK84RKFKJMKFvUVWqa68NGrc46zItPUGfQG8PV3R0-21K_AMvOHWV_Pca8RgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96e193d51980d8720000000000000000%22,%222%22:%220xe07479f9b70e089a0000000000000000%22,%223%22:%220xe86ad7ae27f1b45c0000000000000000%22,%224%22:%220x528db239503fd5d50000000000000000%22,%225%22:%220xef31bd16af8dac640000000000000000%22},%22debug_key%22:%2210386347686321607213%22,%22debug_reporting%22:true,%22destination%22:%22https://cobblestonesoftware.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072460699%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217649047195383476513%22}&andc=true

Request Chain 98

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQQlh4711VkbyVMFGnOYc5ck0E8qsrlV1FoStwy0naMx8vMCuwYE11uop0DGTyPk2pVDb11X4ddKgePRds5pxRZ_g60i5ndFfUTKqQ8XfVoDgT3g5eB9-1WMZ1wAKPNgrW7O3u-1FbMAA&google_gid=CAESEB7gVZGV5B3f0UdRKbLzr0w&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKX70qsGEgUI6AcQAEIASp4BZ29vZ2xlX3B1c2g9QVhjb09tUVFsaDQ3MTFWa2J5Vk1GR25PWWM1Y2swRThxc3JsVjFGb1N0d3kwbmFNeDh2TUN1d1lFMTF1b3AwREdUeVBrMnBWRGIxMVg0ZGRLZ2VQUmRzNXB4UlpfZzYwaTVuZEZmVVRLcVE4WGZWb0RnVDNnNWVCOS0xV01aMXdBS1BOZ3JXN08zdS0xRmJNQUE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2pna09LSDZWbm1BZEhkSTd0QmRUaUdnQzM2UDI5RWdMS0pqY3d0V3hFVQ==&google_push

Request Chain 99

https://a.c.appier.net/gcm?google_gid=CAESENkZx0A2I8tbIX1uP21sxSY&google_cver=1&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpuRyQdIZouUyBEmIfcg_zTOy8vrRw7jOscoeID7bSDp0XSx7honABOGvp5SKe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LTg1aHJHV2NBWEtYeVBvb3BiMTBaUQ%3D%3D&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpuRyQdIZouUyBEmIfcg_zTOy8vrRw7jOscoeID7bSDp0XSx7honABOGvp5SKe

Request Chain 100

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TFhDaTqelPDo6duyxtT9xwjGnD6fEVnxv0CAG9yaUyQTlIfCdZmEv680lxxBVWmhrgJy6BzKQeEcv-y8I2h5YosHtgdEGryf3h8ah5tL_UYkrOmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YZjlBkkViBQJkpT4hpdhFk&tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TFhDaTqelPDo6duyxtT9xwjGnD6fEVnxv0CAG9yaUyQTlIfCdZmEv680lxxBVWmhrgJy6BzKQeEcv-y8I2h5YosHtgdEGryf3h8ah5tL_UYkrOmQ

Request Chain 101

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE7hT9BRNrZkQ-n9Mn8VO34&google_cver=1&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq90l_RDYhEboIEPdtG8azrmhxHc68pihS6HP7u18RDr892UzoVb7AX3ExZn2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ii42SGGxXFpxchzhdlQPmLnBQEI&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq90l_RDYhEboIEPdtG8azrmhxHc68pihS6HP7u18RDr892UzoVb7AX3ExZn2g

Request Chain 103

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKBdvrQlE7YIzMZc26KELw4&google_cver=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQskSL5Z3XrUADjNBVh4Zsaxon_LRpTxngJ869fT275wzstxPkfggyjMIhD03s_cn0I2aHvTIM HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEKBdvrQlE7YIzMZc26KELw4&google_cver=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQskSL5Z3XrUADjNBVh4Zsaxon_LRpTxngJ869fT275wzstxPkfggyjMIhD03s_cn0I2aHvTIM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=-DVXqrEHSiWMafEWoVuDGw==&no_redirect=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQskSL5Z3XrUADjNBVh4Zsaxon_LRpTxngJ869fT275wzstxPkfggyjMIhD03s_cn0I2aHvTIM

Request Chain 104

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOm6IQV80dTdDRM5HSxFkDs&google_cver=1&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0PpyhGn4OjQrC2JRJKxVlzFC_4Pz5Nu9IxOjCqE4j18D-jhwK5DyDwgBKdI0-8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=veqGXj2YJ06npSaqi7W90g&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0PpyhGn4OjQrC2JRJKxVlzFC_4Pz5Nu9IxOjCqE4j18D-jhwK5DyDwgBKdI0-8s

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyAIxC6hdDWAhj4xL39ASABMAE&v=APEucNUQ1p9YZs9YvHuB3X7P5T8XoHw6hLuvpvTbgBypXkz-B1FpcKrMUfgRAaEip68g_naYC8632O32HF3fWXkhFQpqsHGCipwz7NvjLDTgOoawOfQhYak HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXS9pU7F0MPeeFEhBOZKQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHUemcOQ7q5z5nTQw59b9Bo&google_cver=1

Request Chain 130

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyAIxC6hdDWAhiMwb39ASABMAE&v=APEucNU8SkzoswwklGW2g-1WV8t89KQ-ryIxCpkEOHHdTFYPT6CPD1AmFSnvxLY9DRveTmV2kQfzTvtx3wNUT5RoFvie8XnCBv_5sM8-NE5kuI8rgS-haOs HTTP 302
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MDU2ODUwNDI1MzMyNDQ2NA%3D%3D

147 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request obljl Show response
surl.li/
Redirect Chain

http://surl.li/obljl
https://surl.li/obljl

12 KB
4 KB

930ms
865ms

Document
text/html

104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

b25ee29336e807030d8ac1731c5d295e08efbc1fc2feb33b54ac6a3d33dd0c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 832f98d71965a24c-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 19:18:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRuG6UurhiFnsKChC1fbhKnQKMMH9ytsnCQ2QoPVq7tyN3cL3thKOq%2FuIb7pLEsHAyjzV8O0%2F9kxAuzaj0BWTbkKgjFx69aeMsjdNyh9uvbxOx5D88wg5k8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.3

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 832f98d5d82d36b4-YYZ
Connection: keep-alive
Content-Type: text/html
Date: Sat, 09 Dec 2023 19:18:58 GMT
Location: https://surl.li/obljl
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5CW9h%2BBfPmezONPtKZCp%2FxYoZuKWzcgdjon1IJZNuo7r7meISxCp9cfGcDIDZ5ljZ23XMuOqPI%2FjOHgrgPp%2F7z3GwgwQW0foOs8cRLnHJVaaoO6QytUXbw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 app.css
surl.li/css/ 158 KB
27 KB 42ms
41ms Stylesheet
text/css 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/css/app.css

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0997163235857d5e2a588d5eebdbfdafa21b46b45b83e2747bffc2362a8509af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4195
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-2783e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KMhUUwPt9zEeOvZeAz6%2FLx2LFdy4FulZyb6qy2el9kGYwuIG%2BZfA8O38hf%2BdAAIt6zIFAn0aukSE2TeZnlIn5wKKrfk1zclXP9FGequ%2FibT%2BwWgaKKJSKA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dc986aa24c-YYZ
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 127ms
59ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

476fbc2eb83910bea83e0210f8a4faa2b2d328ceaa66fa0b38c349ac982cbea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52053
x-xss-protection: 0
server: cafe
etag: 7921985464434708239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 09 Dec 2023 19:18:59 GMT

GET
H2 200 surli-logo.svg
surl.li/img/ 9 KB
4 KB 39ms
38ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/surli-logo.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2682
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-233d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USJPgEKDSTMWFU5j%2F%2BCPevbt7cVrcITj1vd5tJWoKubviK2ODo0FKlkMHxLKNSpCQz6gb0y3tFM55v6Xn1BO7lrGMcauZHx%2BGkDD0rp%2F7Spw8d53lRYdWPE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dc986ca24c-YYZ
access-control-allow-headers: *

GET
H2 200 plug.jpg
web-screen.com/img/ 13 KB
14 KB 108ms
46ms Image
image/jpeg 104.21.20.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/img/plug.jpg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5941
alt-svc: h3=":443"; ma=86400
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
server: cloudflare
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDbl8sl3TJEn20bCmGYIrzTVNmBJCM%2BR4tFk%2B5yR6G9ZfUG4BMVl0nMiwDY8Knh4aM6brDFg6NNDZVUEBMgBESUyFmH%2F2hq0NNueTv3J8%2FuzXDNyXY576x%2FN1cMwuAPnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832f98dcf8d539db-YYZ

GET
H2 200 pc-rouded-icon.svg
surl.li/img/ 20 KB
15 KB 44ms
42ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/pc-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2681
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-4f3e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3NvmgZBoAnpReFjadkzOInST1JqhxyywY2eafOMD8fSWm09HUBEQWxzGmzQToIKXMRadV0nQkFI%2FdU0QcdnOerAWp6Hmq%2B%2BV6M4oFriatAvWXcMkOfEoKk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb894a24c-YYZ
access-control-allow-headers: *

GET
H2 200 gears-rouded-icon.svg
surl.li/img/ 4 KB
1 KB 74ms
72ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/gears-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2681
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-e1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6rg3sDiYIYXVz6XF%2FTVClDwrxh5Ty2vxrWzQMe5RIsbEI%2FfEl%2BV2vWj65BBjY0eV0yuLcjKYQtDB8WXmOugIzt9L3%2BnDjdD30Pqg6CJ9kXWbBXrRAAY2AI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb897a24c-YYZ
access-control-allow-headers: *

GET
H2 200 planet-rouded-icon.svg
surl.li/img/ 5 KB
3 KB 42ms
40ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/planet-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2681
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-1574"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoYjnBieziyjgFOUp3UjhZTQC2v71ukWV4whn3O3XTBUgDW8%2FzM8Ox4pUtLlXhiB23QEnszkGe3T21czKMWmrKGLOFJGDuj1nelnH6nAll3TFuixmWE3nPU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb898a24c-YYZ
access-control-allow-headers: *

GET
H2 200 mastercard.svg
surl.li/img/ 9 KB
4 KB 59ms
58ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/mastercard.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2681
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-2394"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZSOGOikq15H%2FPRk3Y1UJhUp5GF1zhU4L1D6HNZI%2B80Ev2HjFtchVYrNCLUWYwQmnkAk0UGpTjt5cEXsgVsLEHMqpFE4gNPwdvwoQy2jFouWgxe9sCHbT%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb89ea24c-YYZ
access-control-allow-headers: *

GET
H2 200 visa.svg
surl.li/img/ 2 KB
1 KB 74ms
73ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/visa.svg

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2680
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: W/"6548efa0-76a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzwcaeNHIY7GXRhy%2Fe1I3KTRExOyHgrrwNxoi9YGn2rYpIO2GY3ijBJWPtCEO60c%2BTEU%2BXtf953KN7OcSXFoKr8iSgi3IDe2g1iYmqAhVn2%2FlFdNrHZKSKY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb8a0a24c-YYZ
access-control-allow-headers: *

GET
H2 200 email-decode.min.js Show response
surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 41ms
39ms Script
application/javascript 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAtg0FpLRHZ7S%2FiTRDb40e%2Ffrd1PnEPgZ6JOW02DpBLgePwEXW4kWfpfxq7yEbd3Xvs%2FuQR%2F4RSOjWtGT2bZxd6b1bVNevkCgSvMUTfOIsk4TQYxW8r%2FcXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 832f98dca892a24c-YYZ
expires: Mon, 11 Dec 2023 19:18:59 GMT

GET
H2 200 app.js Show response
surl.li/js/ 188 KB
61 KB 60ms
59ms Script
application/javascript 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/app.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfdb1043b8f42989b3777ec5eb10b7269ec988a0f5e50f4ac1f05ddfa828d14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2682
content-encoding: br
last-modified: Mon, 06 Nov 2023 13:10:42 GMT
server: cloudflare
etag: W/"6548e5d2-2f1d3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uob6%2FgjPpw2Q349Koluq%2BV9DA1Xflqw1%2FL0oLpzmkIpsFG7hZHcaQF7hKqo8qHa00pSlrsDpz8THM74lQNKcERKbWrge3jW7PrFpT%2Byqcp9nF1aoZGa8yQA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb89aa24c-YYZ
access-control-allow-headers: *

GET
H2 200 preview.js Show response
surl.li/js/ 88 KB
32 KB 49ms
47ms Script
application/javascript 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/preview.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/obljl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4195
content-encoding: br
last-modified: Fri, 06 Jan 2023 14:56:57 GMT
server: cloudflare
etag: W/"63b836b9-15ff1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2F7q1YfZQ1ZEjLfOhU%2BTl91%2FFyE1OYNq355%2FO8EPnlfcpMTVRHJzk7%2FWmAMp7NLJEw%2BTjBQfQ6zuIX%2FxuZhbTGbrfs3SdsOA3vvczWRoSLdEQzBR%2FB3S%2Byg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 832f98dcb89ba24c-YYZ
access-control-allow-headers: *

GET
H2 200 Roboto-Regular.ttf
surl.li/fonts/roboto/ 127 KB
127 KB 49ms
48ms Font
application/octet-stream 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/roboto/Roboto-Regular.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4759
content-length: 129584
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: "6548efa0-1fa30"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCeaYAi0tvryRYmSJ9v%2BtfKRM18aALQ0N0iE0NJE6YYXCbCBa17Dfv5xHFDKUNL2n45wM7%2Bv0A9VbyldaVPFRkk84g6Q6%2BlKA5%2BMXyS8VZTBYgz50VF81G4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832f98dd0909a24c-YYZ
access-control-allow-headers: *

GET
H2 200 Rubik-Medium.ttf
surl.li/fonts/rubik/ 113 KB
114 KB 39ms
38ms Font
application/octet-stream 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/rubik/Rubik-Medium.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4759
content-length: 116056
last-modified: Mon, 06 Nov 2023 13:52:32 GMT
server: cloudflare
etag: "6548efa0-1c558"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbNHJ3prUEWGNuefU05LWYE193aFELbgTkTfyW8OupvlPh5HrIbo%2B1xz%2Fj8dez1BCKdpFBtUzl0GL%2Bez5GrY5aouVwUtzag3eqr3Igk63c5ij2ukfO8W5yo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832f98dd090aa24c-YYZ
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 104ms
34ms Script
text/javascript 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 18:38:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2416
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 20:38:43 GMT

POST
H2 200 getPreview Show response
surl.li/ 100 B
1 KB 1227ms
1227ms XHR
application/json 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getPreview

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

acdfea62a4012473d5ee7b794bceceaab7b992cb84c13c0ac5d6d8c0f838c8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/obljl
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: TX3q9IfJq38AfoMzO17hAijVb8DKXOlAwbsZ4fzW
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/8.2.3
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPAtVbt59VXyRojLS8jes6LCkj90tv%2B5AllXZj7kNE7AOuMTXolQVlaxcSStvj00wDW1quKwLEqr4RLfERkjlPwbBZExGXhnlm3uLvRWliBTd%2FbrfofGHa4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 832f98dd99cca24c-YYZ
access-control-allow-headers: *

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 85ms
84ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

c4008ee3a5052996958e5fee5ed51965cb6e42977993526aa77f4794a288ca56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137692
x-xss-protection: 0
server: cafe
etag: 14711685030758758819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 19:18:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 903F 9 KB
4 KB 100ms
32ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:55:50 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 18:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 34ms
33ms Script
text/javascript 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f138.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Dec 2023 20:03:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
215 B 43ms
42ms XHR
text/plain 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2018367738&t=pageview&_s=1&dl=https%3A%2F%2Fsurl.li%2Fobljl&ul=en-us&de=UTF-8&dt=Surli%20redirect%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhAAAAACAAI~&jid=2098969391&gjid=553545753&cid=1939041536.1702149540&tid=UA-18721904-9&_gid=1984430724.1702149540&_slc=1&z=776689842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 107ms
40ms XHR
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18721904-9&cid=1939041536.1702149540&jid=2098969391&gjid=553545753&_gid=1984430724.1702149540&_u=KGBAgEIhAAAAAGAAI~&z=780367334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 19:18:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4FB 439 KB
73 KB 687ms
687ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1702149539&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539464&bpp=12&bdt=190&idt=133&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3119713424734&frm=20&pv=2&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=151

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e8e9df86b2da6caf485ccaf5f0a66ab7541b73efb0a09a53ed4e4ef8d73848e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 74888
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14D7 91 KB
29 KB 1030ms
1030ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

fdec835653df1d5036d79d86215e6252d7448b59f1afa1cc840041f569796969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 119ms
50ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fabc469d86a982f9b107e9dfbb5a68a90bf6233fe6fd5254a966a2afc7612974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:18:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82923
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 19:18:59 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BVLF49G8NB&gtm=45je3bt0v9124767006&_p=1702149539633&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1939041536.1702149540&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsurl.li%2Fobljl&dt=Surli%20redirect%20page&sid=1702149539&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1656
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:18:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 65ms
64ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

6fb4b414ffb2806a57615c8609d66de2f60342fcfe95174f32d2f622fd794cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56000
x-xss-protection: 0
server: cafe
etag: 12397969142879189191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A445 110 KB
41 KB 519ms
517ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

8e8dd3c393053ad1416d1a6c346fa6bef5cc571f6ec2cbb479a4ead12f80848f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41824
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C812 710 B
380 B 883ms
883ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x90&nras=4&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

4fd717a19576bb662c2cc6fc5b2ba1fccf760251ce08003e73dac9b73e222816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:01 GMT
expires: Sat, 09 Dec 2023 19:19:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 322C 710 B
377 B 399ms
397ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x90%2C1200x90&nras=5&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

2a3c5691fca672b5f40d253b51bda07f0cd52f07000931a74ba5b64c99ea2b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 225E 9 KB
4 KB 34ms
34ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:56:43 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 18:56:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 017F 9 KB
4 KB 34ms
34ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:56:43 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 18:56:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame DAC5 9 KB
4 KB 34ms
34ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:56:43 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 18:56:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 225E 24 KB
9 KB 139ms
67ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 225E 8 KB
823 B 116ms
43ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 18:02:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 225E 15 KB
3 KB 118ms
47ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:28:10 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 225E 376 KB
131 KB 118ms
47ms Script
text/javascript 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 225E 20 KB
8 KB 119ms
49ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:45:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 017F 14 KB
2 KB 92ms
42ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 18:12:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 017F 2 KB
903 B 116ms
75ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:38:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 017F 24 KB
9 KB 116ms
76ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0A86 143 B
166 B 35ms
34ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:19:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 017F 3 KB
1 KB 118ms
81ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 017F 20 KB
9 KB 83ms
46ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:45:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 017F 202 KB
64 KB 38ms
35ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 017F 37 KB
16 KB 100ms
34ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:02:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DAC5 14 KB
1 KB 70ms
42ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 18:13:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DAC5 2 KB
856 B 102ms
82ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:38:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame DAC5 24 KB
9 KB 91ms
72ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 927F 143 B
166 B 34ms
33ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:19:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DAC5 3 KB
1 KB 99ms
82ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DAC5 20 KB
8 KB 80ms
64ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:45:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAC5 202 KB
64 KB 53ms
52ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DAC5 37 KB
15 KB 94ms
49ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 18:02:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0A86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
42ms

Document
text/html

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 927F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
expires: Sat, 09 Dec 2023 19:19:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 14D7 24 KB
9 KB 49ms
47ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 14D7 8 KB
823 B 43ms
41ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 18:26:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 19:19:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 14D7 15 KB
3 KB 84ms
83ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:28:10 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 14D7 376 KB
131 KB 67ms
66ms Script
text/javascript 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 14D7 20 KB
8 KB 50ms
49ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:45:57 GMT

GET
H2 200 a7f0fae2-249c-421c-b596-8fa69d7a79ae.png
web-screen.com/storage/screenshots/2023/12/ 599 KB
600 KB 38ms
38ms Image
image/png 104.21.20.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/storage/screenshots/2023/12/a7f0fae2-249c-421c-b596-8fa69d7a79ae.png

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4dc1eea94f490256231746e2c7a96041db56fb8221316cbcc90f6217fd758ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4118
alt-svc: h3=":443"; ma=86400
content-length: 613755
last-modified: Sat, 09 Dec 2023 01:08:53 GMT
server: cloudflare
etag: "6573be25-95d7b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5CcFRS%2BWctmRZ%2FQYYDVdPJ%2BbgtAktekcHeiXsR2%2FDUI2azW%2F%2BS6N1VM80510hOl3yD58ty0ubqBeqRO%2FajOVbl4tWbv7%2FEoGfzxwbE%2BlRjXWHDa4YPP77bz5WqZIZ5ryg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832f98e54de439db-YYZ

POST
H2 204 csi
csi.gstatic.com/ Frame 225E 0
234 B 352ms
127ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpyfvzcp&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 225E 9 KB
10 KB 138ms
73ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:12:00 GMT
x-content-type-options: nosniff
age: 295620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:12:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 225E 15 KB
15 KB 130ms
66ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:26 GMT
x-content-type-options: nosniff
age: 295654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 225E 0
20 B 47ms
47ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPrO6o710ZYz_J8TzxtYPrNyEmATuvoHEdM-r1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEhgJP0CjTWRYi0vls2m6bScwYVYFMTD5JZFbofpHkNqOT0-HLQf8R4SBU6_A8pqXb_umDUBSPZj9CKgTFyqxKIAO9vkH8BM4jn4nC92qLNXJ3euNdymNqCG60cAw3MTCmJu50tr7cxbDQ065NFiOTpyGAStGv8WXVkAv4R3v7dGFR3gaVW5bRUunFhQPpW77SYJ6HqlMGo3CKM46h8-kuvGXuPZapwQMFBmnlbBrkEzSH1DJc8pvl7TKp7CuTgLc1yeOejlp6fKCAfK-hD94Rj6e9_2ZPH_pHD-aUwKNCRzSfR0Ah58PF4I1Y1yN1-2vCCDyb0uvwy2QRl51_LlPKTUfh2wRae7FQwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljKpKmViYODA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDQbATyYneFcgT99Xx4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702149540840&ai=CPrO6o710ZYz_J8TzxtYPrNyEmATuvoHEdM-r1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEhgJP0CjTWRYi0vls2m6bScwYVYFMTD5JZFbofpHkNqOT0-HLQf8R4SBU6_A8pqXb_umDUBSPZj9CKgTFyqxKIAO9vkH8BM4jn4nC92qLNXJ3euNdymNqCG60cAw3MTCmJu50tr7cxbDQ065NFiOTpyGAStGv8WXVkAv4R3v7dGFR3gaVW5bRUunFhQPpW77SYJ6HqlMGo3CKM46h8-kuvGXuPZapwQMFBmnlbBrkEzSH1DJc8pvl7TKp7CuTgLc1yeOejlp6fKCAfK-hD94Rj6e9_2ZPH_pHD-aUwKNCRzSfR0Ah58PF4I1Y1yN1-2vCCDyb0uvwy2QRl51_LlPKTUfh2wRae7FQwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljKpKmViYODA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDQbATyYneFcgT99Xx4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 225E 0
54 B 334ms
128ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpyfvze1&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.yf&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 225E 32 KB
18 KB 64ms
62ms XHR
text/xml 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BCi6xl7LccS3qW9jNa68pjx0RmrH4JcVEJC3H-534jD5A9qNDt2Xl207X_B1WDX8YKAWzvN2ek-HY4RRZfYhSmPhHRjw&cry=1&dbm_d=AKAmf-BSV1Ntt9nUxWEUORs5ivttC2Wmwm3bvIV_2FC1DyYRyjLD_gn4jGjdwXlthMCANXPEOL5CVe6AY-oEC4tOtuzj-8is1DGzgQ8gP7-xgVXiRD0E9vH0m1jgF8JJi-U8T-7O0qXVDLbRIgmm-oVcxN2bLv5XY9HUm39qEuGDK0bWDP7N1wjPT5x_nP_7TYLbVqCrj8dp9SLcCl3ZOvSrxpnG_UenmD-LcnenlI-jMXDNOt8EbndDThIB_0mMP-apBp1vbxIVMt3A7zU8DuY0pVAi7SaKRPC0zKcMVQ3libyA0SgpX2C_-MfKPjNfK9u3S9otBayzPIIPZ7qlJW2LQw0Mr9KV8F4txIkWL__pFQBE2KM9ObADFvcDnCKp4yuYYrYYJJTA2r0PvWe_FTxQyHytCN6ZwuXNuI1RXLHW_bJyW8FgYT_wsieeIzApGGAUHWTei7o2r0d7e04A72uWOcLMPRf1DcioeKgUuqWQpO_EajOJ7BWBxo4dR24z_CyI_MaEvqstML2T37Gw7cvBYqvUdyck_yljeD3WhLofbZ-Tu_EUYe_iRkuiJ-q0IMPV2uoD0VKXUfRxmmEmH1_f4XIzfyNas5Qmcz4Ut71sfUge_t3yWK0FhqoVJD4VQ8hzVl9Tjj1S-EGJWFoVYxG0lcqyM-N08_5BTGwVFkwKrAZqdmm1qw8wQ-Mv9D4UPqg6Rvzj1ebSRpV4HnEHeOGmPUWeh4eseITP2g9C9v81NoSVRN1QDcIVvir46gFyRCtC77hD9cIN7msScm2VAKYEqy3M3Yz2wxf3M_-Pnqbck5YRm_magxWA1sFzBLrI_sMGd2NNxFjZv9KwMa0Pc_CgHQLoOpWoNGgFn0i-cE-6ZZXhq_wEbQV5nQM9ulfndlVLZSO04uFkfLV8zAUW6eeiPpEihK8nA5Im7VIUjWhesAPFfQ2jVzpugfCV4ekOrTOo0d1WnjXdmWk-esc8anq6frQRT9lF3XKODpDI2KbQTIW_E9mQm8I-AqDBoCaukY7DOy4iGRz6gghu3zYcdSTD6BnMPCw0qxCaZZY0bysRNCrqp-QUhzdUWObyFSfgOZVaG7rrKvS0_amLUz_mOr4-AvJhujmZSYjuptCFtCFLIY0zozeztL5DBymvcPcJDGPP5IotrEPUBA2ojvw6zyNNa_TRj2vAYqWjlo2eCK-IiGmlEsZWi0WztH2cmFFTciAk3wa7kYYNzvHMRWIhBG4G10DI_1DX3tK2_dCAOh698Qz_vDKNZdcfE3WUvgVyF77rg_kOXU3mMy_iGLT-cAwG2dE17fkFJlXD3-gg05UR4vS0Vk_YOXJa2LecLT9mUqf1Z7i7o04gJhWPDNC_sGwNXpwqNGfhoUxU88mOVRal2rz7A207z1QIODMzQoIHFUizDTZYHuOXP63UKCwEAVfccfNT-BvFSMt6SrXUg1JD-GGqj92ObOPCMe9QTZfrox55R5__ERHqwSpy5L2XvTKU5orpWJTkORy7IWfLWcHCN2N_gjwY25fUdhNTTRyOp49a0ukrjArqbwI5leczlE0Vg_LCeEiM3fdhVUsRiQ2QdRwKt_ZClKEowKSmNRLerHhMLOTF8DAj90ipDW_YWrM5fI4JgDmDxPK_vHjRa8MrNSLl3j4y7_hmxyVrmE7k5Lj1yFEIq6KMcoTH8AXDjqgnz02DPzS1mgB9c7SZ3QcAvOQUUafqZn5LQbUExCEw-lyZl1ocV9pht0GEjIZsxRX3lO58zgrwPrki9idSNJRt7Blzlkofpy5i6sEC_LBkw8kNK3vqouZpMEZYiRiewG06vvsqOGARL7Mh5NuUc166pk4apxr3_28MKFA61Y8OI914psA1BjBk03dhypS3JgXsG_fgOOyqnbMaQ9p7MohAhjsG6asYPbmSgzNss2k5cX8zYnLHAIHQBcZe8MiHli4n_aWqwzJV0-V6tgntTq17ukQ19LQezztVOxGPQuJqGLWvkNwkO42aDWADmJBdK_UMVD3ZO9XEdzDMcjEwJTDy9VXHoAFFPm4YL31EUat-UuvqtX061fozV6vhnc3XH_Hx9_H4ZRBFZlfAY-qwuzjHEAsvD2ZjcHHzqwOZCh-PoQcpqkXtuV0_CvKqY0Hp4lJ2Y6qKLYDzLzQ42ZbD4Cw_tgNNpcnaTDaFuK4HSnkX5VtTW4dodb0huTt5twjeYAwzhPPks9_ZtyjwQ3OAa81nRmmXHcDXbrou5EbVZbUuzcOejodo8UeilodDSx2tEfuiyM3BcVI4awcT4z0IaPBJbdTzAZIawMbPqAGL4YFd9t4fc6OWSy3eaynecnaTY341z_y-eZvVJbOnsUAf_GQXzbg-SRovPHg5nB7ZJyuANPv1OidjXNJj_wnGNaY24bIeTOih7iOU_glgP7l9JPGXLK1BTN0pRt8oJduYxC4JMPIB2oN0LNhYMzDWaVmf5yUs2A5W62QRNP8rP0opydayD4s4XEVQ2jN6ujdV4VJfk1jJA1F-ON1KlgMFwXmOxGWLcO2ZewmI_hqsQhp2naG3-GBjAr6NLRWwRVvDicpX0keUOX1VQhHv78KepG6YbfeJJ_b9cleBBYgm0h4-q8uffcbjGqZzld-F99Pg81dXd0geoNAUfs1bidqUlhsNV0Vk6cxcQrhoBTGfxeyPQiMiJf5pzG_3tegLkWLFqmwK4Qb6hiNY1VdkNZvZM-tNnkIGLyypY4XBj6MteiVDVbmEMi3KeTxlmJLPh8xxTdfAdx8r3-QQRG2dxuus7pWoX5CbM5H9QqIQYGmEoPf7-x_PGoH7CeWex8bOtLN1N89DyP5_8miHfZgmKzCx7ZSLHBG5hzQX26kGKZosYpXE8nkil4O9PT2zIs2bLvdSYLCkIuNkD_c5bzgJnQA8pGnUFDPgR_auHUx40Laou54xyZKSQ3dCmxI4uZy-Xp3kQFj7g9q6hWGOttFTdPXbhrq63Hvg_yk4NNy7mw_GKVcE7ad919TkC785_K1thQDivtd_9Ds_F_H8vN-rWQJWvx3UnK-VT6zn9-p6pkSvCLtO30fR6BaGkdH2HFWZdW-X72nE6Zcj06bMzJJUCXTv3fg3tsl1bF1YR3en4oBJAtIZf8DBQLtqxDbnnN51XYDrz5L-TsxM2YZTNMVmSyQHOnZN2LihS5ANhaEWI9VZH75hXezksPkgvQxXnhyoJrLx5SHQ2uOd2THTzkLK2sYqy1l80_IT3VS4YeG2Oh7MlGr-HJnJeE8kXJVifl_5ab_sm3IGR8l_RVbPWMy0WCBxiqzxBnZVSMluuINxXuOBBLnoAhM45EIzEyqvYdzud7AWD5wzznC4lNzZP6va8HTVOwi2_pk6aJpX6U3qBJfdq6LcsUkXjceL_JtLDw2GLP5XZDLM8YhuiTGJy6G1t6CxUeg3K4ePi89YkYGU3CvDpQIzgjegqA4cr6QHkXjqkSzxVVnctuzTeSSeQcYI9OMb3sm0gm80MhMj7uh1UVPNjcZAj8RDay3EPE3gDYRDfdqET-l2cJhO_uZy3Ni_4yuYHYhon_wA1U-CokDmEB1jstvEzNdSKQgAB4dEaGYhdodWEkJ9ZpdAFbW5qHVOe7Q2l6U38xlxBtOWQZtwkGEyXUIdrfj0gZyBrk9-1gh-cKHEY7ul6Js5azql8Yc6QjkuJPaKioG3-7f7TuBLALbQ_IC1_xCVh9OQP-5r15cOFAsAagu6pQT_7fC_syJ_LyG9gKW98HyXtytvndwoBujroqDGmmZox_er-NgRKxHXYAGcwcGONf6Vjj6Ec21RHV2TQRK-qzndoMcvZIbP5HX3_YdRE1QdYslV3t-apEfsMdey30vQ8zZGAhH9nKlfuvsBSrzrj4vDe1_I1g323w&cid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLbwHXI27G3ksGFO-9tKX4GPj8aiPWnXje5lxhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

76f0b2a8c882b7960d942e4eb7cf99a72a2739bfc37c8259fb90e8a39a14ddad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17724
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 14D7 0
54 B 314ms
130ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpyfvzdf&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 14D7 9 KB
9 KB 111ms
79ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:12:00 GMT
x-content-type-options: nosniff
age: 295620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:12:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 14D7 15 KB
16 KB 82ms
50ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:11:26 GMT
x-content-type-options: nosniff
age: 295654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:11:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D7 0
20 B 48ms
47ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CeBdOo710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEgwJP0AdXIxewgQKL4Dnn5RYU2z4Q0PxoEvbZTPtQyj3BFv4Ysb9afXS-4V22jnNlAf0M6X0iXZE1moClbMPO548CBD2GGHVF647afPXi0Ji2vs3dciBGwj-j9h_hLQK7eDgplD6Y6qEMOMbed_f4A3_VDMrjW58zaf_1a89g7bsgMQ43TUc97AVs9ZS-ZquvOBidCbnDcms8h2AMKyo-G8hsfrCPXzVz0WRbot5bTiOVtTk98_FHjxC6nY-Nxx8Q5kmPJUAA9QO3yeG9vCz3-UaQFmSa3LvhluC9JAierRvfQCFUltjH0YK9-5oAHIus1CBUTOA-1Ai4BD8vYk41UlENsBIwwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliihKqViYODA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CQ0GwE8mJ3hXIE_fV8eMD2BMKiBQD2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1702149540881&ai=CeBdOo710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEgwJP0AdXIxewgQKL4Dnn5RYU2z4Q0PxoEvbZTPtQyj3BFv4Ysb9afXS-4V22jnNlAf0M6X0iXZE1moClbMPO548CBD2GGHVF647afPXi0Ji2vs3dciBGwj-j9h_hLQK7eDgplD6Y6qEMOMbed_f4A3_VDMrjW58zaf_1a89g7bsgMQ43TUc97AVs9ZS-ZquvOBidCbnDcms8h2AMKyo-G8hsfrCPXzVz0WRbot5bTiOVtTk98_FHjxC6nY-Nxx8Q5kmPJUAA9QO3yeG9vCz3-UaQFmSa3LvhluC9JAierRvfQCFUltjH0YK9-5oAHIus1CBUTOA-1Ai4BD8vYk41UlENsBIwwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliihKqViYODA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CQ0GwE8mJ3hXIE_fV8eMD2BMKiBQD2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 14D7 0
54 B 305ms
130ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpyfvzf6&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.z3&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 14D7 32 KB
18 KB 65ms
64ms XHR
text/xml 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BNqRHuRphHOPeOKbZylq6lkCcqLy7bFAorhcH34NyO7I8eb-K6Ym4MXmOMInoQ0tDIfVuFHNnGjjtr1NaE9CJpzTBY9g&cry=1&dbm_d=AKAmf-B3FN7fByVnXCOZV5HQTJnfP_H4OGe5-2cGgV5v6_ZnWwT_pSPj_8z0cx3zq4y6tcLdWV4DeIchp3DZCnTGj1urweEA83fMmVJ06-fQ950WdcKZqp2u0iBg3WWWOKu_V5TfqgWbEDxTOTcVg4aA6oif2pSQV7ySrVjCpLRx_-gEPJFRd8rNWpjhsYz56eebih-jOsougtehlVv0ReFruKFtaIpZ0lMhYO-whlLBxkea9fJ6THGDpHJC-4Ybs1WA0Lci7-MI2P9X7H2pkp0gSniX3cIA6xAo2-4ilgBzcrjQbFEHuTx54NurNkOPMknj6T1abOHlq3RYFMnZBTks34hO92UAEOz3gr-TXW1R39Ni4G-kErQINAGyVkGXIZPSm3iHIZwmIleDtwuOSlhfKQM_11xgKMqZjiMS8WKnj9guapHdpxRjRI93yIeoWQQgkHbGSau8VzcGxJoq6umztt9zSAgARj3_mjZVA7E6xLgevg3Silu7MPwF9jLJf5CkDRZQTPGnBYspvQk-T_xs_kWtmtfat2EO8ihKNDov66z4jplVtQWe4RX06k3jia8Ij_rdmnMMAWHZ4oZzDVU4y9qGPqdMrrxVInDYXX_NwlZAIKusgKzCo1KFJyo5C7JWKSQF0OSlDJdjB-yn8jvBvf-8jk8-lkJT9ENbpLVKInJvG95mBVo02KF6zg97z-5-_mn8Q34DIZ73oKhfX3Sob9WiEJGAE3rLQts3r0pYBNPpH1M0lxNaZNetbUzO-w31_9wF_BGDNJ3jni_9quuRGpxp1nDgB9Boveuf3jRq5O7V7zOo6oKBsz0VdqhIwQbFRRCqKRwZ-aQjwYNFTrxhH30-35q8vHDw7YD7SQ65OgMkxYp-eG7-zNZk6nS1gZZD2DYuw1GSnN-E8JMX0vYRa6Nvc86jo1J1af6RR9SYphO3F6mYYgs3Ww7bndVI4daDXl--QQcdjUSNFGPMEInR9A3HmpmaoHKT-E_sSR80MEKXsT8J2RRq-mmMezlTm-Bkkmrc-Dq_3KbLmaPyGmr-iMR6926Jaj0emGu2q-UV0KnYjWZczVcQw5lMcHFDjzhNUNAeXuC_tdS6G4Yad7UjIoKEMSL-0Hoe3Lsre071HNAQqzeUUU7eQiSJttPLoGrvLu58gt9WFSiDZxABZZjLfO3SHtFJ_8elbkYBCFgSmCuMpxxe0x2yKRK424dxt6gRvT6mgWK0hGYL7X5nZ_iFjhGADna3lHua3H81Ol07R-UrLZo_UJ6HEalMm3H7uQJ62L7ygXo0blbEOHpY0poUDr-gAoO0i6717XJFGbTobW0k9aW0SzDMxS8CCZvcTM9PqxYD25RCe1LJ_8v8xb4SChYrtvLMPRx4DFvgqbcrOeamHBs6SXrE6s-ARAWh-A6BXyQYUy0xjh5lpjt2qQVNC0PaYG_6peQlirsWHTWm6oSonMKiRwnXwl1ZQQRguo1G2x2mAiFNUPuXrcpWD6bMBaXdtpitl3DzBbhn-avEzuKpMu29V0Bfmw0DJ1mP53NKUPxxmxLiLUVw3H3AgPgayfkzhITClvzZt9G6qR74Oiv6PKi7QP-36LA7JIgQCqthqjlBqKoVv6QsqwYWy9N3fdReFGE22VcwroUozyZPihFBm9hXy7jHA-kPoL_57haiKcAXaPjJ8-7NIRFHak3EzGJKyMzh0O-aJ0NlhFaj9sqOBCLraG8r3hqbwph3Sz4BSvfR-kIx3j9cj5lEPovzGGB8YS1PjYbImhmrMn-0vM7uwQKsuMzZdWGbCjL_4He1i7YgidqIHr_AHLU7iPFYdew7bl1AMhlcH2g7cHXynaA_tv4_ADaFJAczCraviyMY-4JxhglRmfro3GACsELYZa8FVTTCEq3xndmhPYUiFBCC074ASzqRQDHMho6-KhCUtF65Jsh5_LhKW_F8Gneypkc0OY3ZRCSlFnjjT3g606X9sylEVJsCj6TvnQYKTcaR7NvFrkG8aNew33I7Srxe8ska0SQZKnPUEQmMp8zZir_7jxPtPdx9Q8lmLzrUOqM0XbPVPdOUJqDSwhoPIshAnH93qnfbmbv8qsZviVt5MYroV90Y5bULkWGiIhy2dNg79KCnHW3eLKo8i3xGimivfXdFFKEwNGmklUXlwphp2sIL0QonDSnNC8hTfmX7ao3V0sKFAWJZekJsMrmFZPVWgEpG2B-8imFynnsJf11cQ3N_r3MrCPYJE59YrRvshwifP70c6N0gJhb5Bbp8m7b7cbm9mNsBi1fV_SWFfHdGFFi0C8MU0OTixVNY4XebTyeaC6PKlYR-xELOSe7gD1DLg3XPUNn9HUuADFCRJnIKFyzw1Vl6p6sYnlFEsPAVuIkfS79UfKehvdlAG-8ONK1LieP9IvXLqUqVa0FDREfo-okT1a7V5hNizXO0bzXXs4XwV8d-g-HUqx99WIICpeaAlnzGbSjN4n-cARYms7iHyod3MxZWU0cNlNIuvaHyCPLyzHukDsiTnlWvJVT-SdTiwgNNjzXdt6vvvZD8O8BFndtoKFkRQmoBL1qBVQCQufA2HfkFxy2c8d8szpqfTl-gJWwzpwI1KKhaI3BkP1vZ05YW0lYD4MjdVHBeFSvI8l4hZI-6fMUwAcrRFAkyRCeMGQE9HDg0TVDSu9Og5Ny55l7RG2R3P5Aks9kv9ris2k3Typpj4UzfEYy2bB9YGXvMbK28HRFnGofL0x90tsrLHFibGxD_2V1eoBM130Ly85sXK97qG7MhUuxTUSiBHBCo9o4qGTmYUfiHvQKCJwPPpRoKd7WCNce99XL3d2LKzudfWU7uDkvwRD7vyZre09ufRRKt753ocx-pX3DSSZTY3_0yzlo-MzBvZJNvYsxW4JuRnzWEMw5OXxRbQFypF3laRayXe5fE3yMzXagiS_1RdCkvX7hrQGncPap5mmcDV_4AVdO7eNUg2frlKK_gI0hFxuBr0-3RkCqj3SBn0FV-McW8k9wEsJOUTqp1j2TSVb_zPiVB8X6gXo9xKvKGzgRA8cg-Y_4syzDLslKtLAimvuWuUqmp19NzLEbE6V0K151TxMNJdBKJGzJfBoK8mUa9E2DztuXszaDNnLgJcbyLCwsgciDb3BN6dOSjT9zNKhWmqG_ZZuxKcZlgEA-kePLG6yBG8tWTfaP7XSf8voiZ3ay5-KtbdV6rDmKWwQip6nv1Nm3qVIbv2YGnlC0sUPf8KdjLmnOQn2WnI6zevwuy29qElY6Pi913uQu3aE_GfYbZtRxFIGH6_zIVrspHYdDgzcn4sISaoCecRFNpan0tVSv0YDoeauaiOKY6yciXNPmaVRAL0L_Dz_CeHatSi5jrOCc6s8ZGjjy8pvHsDuNg_US-RDvNZib7B0wh2Uvw5fn0fHRNh2Gq6_runMsjP-BBvjR-lFHYPQ2Fc-6BIjWE-DDIkW1dSbm73DabjCp98tG9pgqFZog79TS6ZHlnrZKgXkzl-Yus4pQY784gq4oHtWYWoNgYDRAxSy4hVaKY3FElgU9xMq5kN70gXUTClKvBgzvKc6tKxZZtanCreTP8DCCdglGPkmwI29K5z41Y4SWRWA7KMz3uBaqz59CLJM3Ha8vUB4bP3qARt2jQey0y9rIrdllpz63zYTkMqq0ji1cq6x58iJevck1clN7nFMFvnurZBF5czjBoAMrz5OVkqI3LZlQubgk8GPXNvL2wj4v5sE_FeliUxTPoW2oWBASUSIUt-yydMV5q0JsHT0qg7CYvBveEIoN9RDiU-STNEip-WgazePYdd5ClaYLdI9EFM6zADTbYC0dxy4jB648Lyj9vazGN71sbmECibGN6jTUYoH1vn8sfT82zGxFXF966IPr4j1ryug&cid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

bbffa94db304682f3327947145a9bc6e47ec9567ecb5df0fe4dab6c68c00051b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17900
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 14D7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c723f0b678447057ab94584eadc054699477265a4dc4d2a34da4c53300e4e4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 225E 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bcb7e1b467b7302b382ec6c62d5e14fdfb283e94eb3256a1cf9aaaa61a90002

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 225E 0
54 B 242ms
130ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpyfvzek&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 225E 41 KB
15 KB 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 15:53:36 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 225E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

88ms
28ms

Fetch
video/mp4

74.125.174.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CFBE3340159FCFD0F306676B706E7CDF8100205.79AE87CE6BB597852C3D14E3EB05ECD7F6CFEB41/key/cms1/cms_redirect/yes/mh/v7/mip/185.193.64.66/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1702149148/mv/m/mvi/2/pl/24/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Server

74.125.174.135 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s49-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 19:19:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4282489
Last-Modified: Fri, 01 Dec 2023 16:38:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 09 Dec 2023 19:19:01 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CFBE3340159FCFD0F306676B706E7CDF8100205.79AE87CE6BB597852C3D14E3EB05ECD7F6CFEB41/key/cms1/cms_redirect/yes/mh/v7/mip/185.193.64.66/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1702149148/mv/m/mvi/2/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FCF 51 KB
19 KB 34ms
34ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:07:59 GMT

GET
H2 200 3003569786208439614
tpc.googlesyndication.com/simgad/ Frame A445 30 KB
30 KB 169ms
167ms Image
image/png 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3003569786208439614?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnETH9WW1PPLmKsXHxvzQ4lWHoaOg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

b30c3534ea0f553b7b99d714b33878390aacec1181564a7131891929c32e8e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30327
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:17:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 19:19:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame A445 24 KB
9 KB 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A445 3 KB
1 KB 40ms
35ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:33:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A445 20 KB
8 KB 34ms
34ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:45:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A445 0
0 54ms
48ms Image
text/html 142.250.31.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKe9aKYWge3Td5mcK6tK4660MMDxXlr1gz7rybb_tX3kB072Em73v_T2UyEcVlN2PTTMLTDdDLaG4ec9M6Hc_QUScW5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A445 202 KB
64 KB 100ms
94ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 19:19:01 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A445 36 KB
15 KB 38ms
33ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 15:43:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 225E 0
54 B 218ms
129ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpyfvzh6&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2081&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.119~videopreviewvisible.11s&ua_e=1&ape=1&ple=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame E030 51 KB
19 KB 33ms
32ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:07:59 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 14D7 0
54 B 212ms
129ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpyfvzfe&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 14D7 41 KB
15 KB 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 15:53:36 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 14D7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

89ms
28ms

Fetch
video/mp4

74.125.172.201
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEC3D945CA6224BA1269BA300A663EEA46C661C.095C08D0D9B8C366F6D2211C0AD6E37877C6A9E8/key/cms1/cms_redirect/yes/mh/4J/mip/185.193.64.66/mm/42/mn/sn-ab5sznze/ms/onc/mt/1702149148/mv/m/mvi/4/pl/24/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

74.125.172.201 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s41-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 19:19:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715650
Last-Modified: Fri, 01 Dec 2023 16:37:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 09 Dec 2023 19:19:01 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEC3D945CA6224BA1269BA300A663EEA46C661C.095C08D0D9B8C366F6D2211C0AD6E37877C6A9E8/key/cms1/cms_redirect/yes/mh/4J/mip/185.193.64.66/mm/42/mn/sn-ab5sznze/ms/onc/mt/1702149148/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 14D7 0
54 B 208ms
128ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpyfvzhz&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.11r~videopreviewvisible.11u&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2658 143 B
166 B 35ms
33ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:19:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A067 1 KB
643 B 36ms
35ms Document
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 18:26:14 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 18:26:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6301 23 KB
8 KB 36ms
35ms Document
text/html 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 99793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:35:48 GMT
expires: Sat, 07 Dec 2024 15:35:48 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9CAE 23 KB
8 KB 36ms
35ms Document
text/html 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 99793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:35:48 GMT
expires: Sat, 07 Dec 2024 15:35:48 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A445 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa9bfcf73de9c62160d9e75b6af485c1e20c417c47d9714d46249eb513d18ac6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A445
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPtr7pL10ZfaxG4uj_gSOhbCgCfnOzepoxuXrrJoQ2a_ulPIjEAEgz8ndb2D96KKB8AOgAZvnsf8DyAECqAMByAPJBKoE2gFP0KGcTskOxf408mOW-fnRW9U0rwGd-xSqLgs_imzlh2Zd9Oy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96e193d51980d8720000000000000000%22,%222%22:%220xe07479f9b70e089a0000000000000000%22,%223%22:%220xe86ad7...

0
0

159ms
89ms

Fetch
text/css

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x96e193d51980d8720000000000000000%22,%222%22:%220xe07479f9b70e089a0000000000000000%22,%223%22:%220xe86ad7ae27f1b45c0000000000000000%22,%224%22:%220x528db239503fd5d50000000000000000%22,%225%22:%220xef31bd16af8dac640000000000000000%22},%22debug_key%22:%2210386347686321607213%22,%22debug_reporting%22:true,%22destination%22:%22https://cobblestonesoftware.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072460699%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217649047195383476513%22}&andc=true

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x96e193d51980d8720000000000000000","2":"0xe07479f9b70e089a0000000000000000","3":"0xe86ad7ae27f1b45c0000000000000000","4":"0x528db239503fd5d50000000000000000","5":"0xef31bd16af8dac640000000000000000"},"debug_key":"10386347686321607213","debug_reporting":true,"destination":"https://cobblestonesoftware.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072460699"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"17649047195383476513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 19:19:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x96e193d51980d8720000000000000000","2":"0xe07479f9b70e089a0000000000000000","3":"0xe86ad7ae27f1b45c0000000000000000","4":"0x528db239503fd5d50000000000000000","5":"0xef31bd16af8dac640000000000000000"},"debug_key":"10386347686321607213","debug_reporting":true,"destination":"https://cobblestonesoftware.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072460699"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"17649047195383476513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQQlh4711VkbyVMFGnOYc5ck0E8qsrlV1FoStwy0naMx8vMCuwYE11uop0DGTyPk2pVDb11X4ddKgePRds5pxRZ_g60i5ndFfUTKqQ8XfVoDgT3g5eB9-1WMZ1wAKPNgrW7O3u-1Fb...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKX70qsGEgUI6AcQAEIASp4BZ29vZ2xlX3B1c2g9QVhjb09tUVFsaDQ3MTFWa2J5Vk1GR25PWWM1Y2swRThxc3JsVjFGb1N0d3kwbmFNeDh2TUN1d1lFMTF1b3AwREdUeVBrMnBWRGIxMVg0ZGRLZ2VQUm...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2pna09LSDZWbm1BZEhkSTd0QmRUaUdnQzM2UDI5RWdMS0pqY3d0V3hFVQ==&google_push

170 B
188 B

44ms
43ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2pna09LSDZWbm1BZEhkSTd0QmRUaUdnQzM2UDI5RWdMS0pqY3d0V3hFVQ==&google_push

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:19:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2pna09LSDZWbm1BZEhkSTd0QmRUaUdnQzM2UDI5RWdMS0pqY3d0V3hFVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENkZx0A2I8tbIX1uP21sxSY&google_cver=1&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpuRyQdIZouUyBEmIfcg_zT...
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LTg1aHJHV2NBWEtYeVBvb3BiMTBaUQ%3D%3D&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpu...

170 B
188 B

43ms
43ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LTg1aHJHV2NBWEtYeVBvb3BiMTBaUQ%3D%3D&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpuRyQdIZouUyBEmIfcg_zTOy8vrRw7jOscoeID7bSDp0XSx7honABOGvp5SKe

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:19:01 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LTg1aHJHV2NBWEtYeVBvb3BiMTBaUQ%3D%3D&google_push=AXcoOmTu9AOn_YjrOScOmHV7a0WdZ0jM8E9wCg_SSNZRnvOd_F2BafCoDj438AZnFe3IVkIH3hlspMmxinNpuRyQdIZouUyBEmIfcg_zTOy8vrRw7jOscoeID7bSDp0XSx7honABOGvp5SKe
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 287

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TFhDaTqelPDo6duyxtT9xwjGnD6fEVnxv0CAG9yaUyQTlIfCdZmEv...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YZjlBkkViBQJkpT4hpdhFk&tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TF...

170 B
188 B

44ms
44ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YZjlBkkViBQJkpT4hpdhFk&tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TFhDaTqelPDo6duyxtT9xwjGnD6fEVnxv0CAG9yaUyQTlIfCdZmEv680lxxBVWmhrgJy6BzKQeEcv-y8I2h5YosHtgdEGryf3h8ah5tL_UYkrOmQ

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: HTTP/1.1 odnd
Date: Sat, 09 Dec 2023 19:19:01 GMT
Last-Modified: Wed, 06 Dec 2023 07:21:35 GMT
Content-Type: text/plain; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YZjlBkkViBQJkpT4hpdhFk&tap=gAds&google_gid=CAESEH82WmrlQafK9fBbk5HGwA0&google_cver=1&google_push=AXcoOmTsVpZdFJF-DMX9Rce78_qaP8LxJ5TFhDaTqelPDo6duyxtT9xwjGnD6fEVnxv0CAG9yaUyQTlIfCdZmEv680lxxBVWmhrgJy6BzKQeEcv-y8I2h5YosHtgdEGryf3h8ah5tL_UYkrOmQ
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 0
X-Tb: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE7hT9BRNrZkQ-n9Mn8VO34&google_cver=1&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq9...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ii42SGGxXFpxchzhdlQPmLnBQEI&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq...

170 B
188 B

43ms
43ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ii42SGGxXFpxchzhdlQPmLnBQEI&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq90l_RDYhEboIEPdtG8azrmhxHc68pihS6HP7u18RDr892UzoVb7AX3ExZn2g

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ii42SGGxXFpxchzhdlQPmLnBQEI&google_push=AXcoOmSOi4XEEepNNtuxDf2jxjFeTO9LJ0dS_5iSKhikVnw3MgIkdFLI_XmrLhYum_E84zIFKLaKBre1c5MKQq90l_RDYhEboIEPdtG8azrmhxHc68pihS6HP7u18RDr892UzoVb7AX3ExZn2g
Date: Sat, 09 Dec 2023 19:19:01 GMT
Connection: keep-alive
Content-Length: 288
Content-Type: text/html; charset=utf-8

GET
H2 200 trk
ag.innovid.com/ Frame A067 43 B
297 B 345ms
32ms Image
image/gif 54.208.142.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIcCPgKZdYlGYRDlCttvhzk&google_cver=1&google_push=AXcoOmRp5vQR4B7df7f3bykhVEhutCowvsDospRbX6Sz5-mGrb2lTJsteAWnLLGr2bT3Y-r9PRYkzPZ7k7pbYWrGwsBpsxDrmwB7GOoENkN9GVewz-dT2t7afoYPzEhhAaLFCyg6Iqf0MJ_SfQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702149540&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149540403&bpp=1&bdt=1129&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.142.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-142-99.compute-1.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEKBdvrQlE7YIzMZc26KELw4&google_cver=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQs...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEKBdvrQlE7YIzMZc26KELw4&google_cver=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZs...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=-DVXqrEHSiWMafEWoVuDGw==&no_redirect=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEV...

170 B
188 B

48ms
47ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=-DVXqrEHSiWMafEWoVuDGw==&no_redirect=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQskSL5Z3XrUADjNBVh4Zsaxon_LRpTxngJ869fT275wzstxPkfggyjMIhD03s_cn0I2aHvTIM

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=-DVXqrEHSiWMafEWoVuDGw==&no_redirect=1&google_push=AXcoOmQ9zdHTXnpDM4rQW6grN816Jv93VdtAWC69gRE7FOlQps6tEVOiW8r_e2-vpe1UZsUgxhQskSL5Z3XrUADjNBVh4Zsaxon_LRpTxngJ869fT275wzstxPkfggyjMIhD03s_cn0I2aHvTIM
date: Sat, 09 Dec 2023 19:19:01 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A067
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEOm6IQV80dTdDRM5HSxFkDs&google_cver=1&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0Pp...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=veqGXj2YJ06npSaqi7W90g&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0PpyhGn4OjQrC...

170 B
188 B

44ms
44ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=veqGXj2YJ06npSaqi7W90g&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0PpyhGn4OjQrC2JRJKxVlzFC_4Pz5Nu9IxOjCqE4j18D-jhwK5DyDwgBKdI0-8s

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=veqGXj2YJ06npSaqi7W90g&google_push=AXcoOmTbUjSvfcRalI5PPQIO5vqQPCYBbMs5plodWyke5Ti7d4W5D1573sH02ngzezWM35o-3jCQ5vMRr2g_0PpyhGn4OjQrC2JRJKxVlzFC_4Pz5Nu9IxOjCqE4j18D-jhwK5DyDwgBKdI0-8s
Date: Sat, 09 Dec 2023 19:19:01 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A067 0
69 B 44ms
42ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQW8bOhlTVMPy6d87AhOY67uc__IO8agvYk46w0s1XlwEYpp5OWg5WqS-BTnqzW5ho4WDxBfU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2658
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:01 GMT
expires: Sat, 09 Dec 2023 19:19:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-ab5sznzy.c.2mdn.net/videoplayback/id/c1411e44ac79c65f/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896787/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 225E 4 MB
4 MB 56ms
27ms Media
video/mp4 74.125.174.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.174.135 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s49-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

9dab3e8b5fb97dfe20b7b0c49c28d15b887526898e6c4148482f362617af3d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 09 Dec 2023 19:19:01 GMT
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4282488/4282489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4282489
last-modified: Fri, 01 Dec 2023 16:38:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r4---sn-ab5sznze.c.2mdn.net/videoplayback/id/456190d9c09965e9/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845896815/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 14D7 2 MB
2 MB 56ms
27ms Media
video/mp4 74.125.172.201
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.172.201 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s41-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

4a4257b3799a73c95caa30921186433c48cf1cfc34b2f30633b996770b8683dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 09 Dec 2023 19:19:01 GMT
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1715649/1715650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715650
last-modified: Fri, 01 Dec 2023 16:37:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6301 39 KB
15 KB 33ms
33ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 15:37:01 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CAE 39 KB
15 KB 35ms
34ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 15:37:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 157ms
88ms Preflight
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 19:19:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C6E 51 KB
19 KB 33ms
33ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 18:07:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 225E 0
0 53ms
52ms Fetch
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB6g-o710ZYz_J8TzxtYPrNyEmATuvoHEdM-r1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMBqgSDAk_QKNNZFiLS-WzabptJzBhVgUxMPklkVuh-keQ2o5PT4ctB_xHhIFTr8Dympdv-6YNQFI9mP0IqBMXKrEogA72-QfwEziOficL3aos1cnd6413KY2oIbrRwDDcxMKYm7nS2vtzFsNDTrk0WI5OnIYBK0a_xZdWQC_hHe_t0YVHeBpVbltFS6cWFA-lbvtJgnoeqUwajcIozjqHz6S68Ze49lqnBAwUGaeVsGuQTNIfUMlzym-XtMqnsK5OAtzXJ456OWnokoRqJPDNITP1cMZwE8GW1E3WZD8djWi3k5X1LaCjO2yBTfGpB6KLVRdqMvXq9SCsgSj2Pc5igcjEul764nyXABP3VuJO9BOAEA4gFuO3nrU2SBQQIAxgBkgUGCBsQARgBkgULCCIQAhgBSOjiiQKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQj-snGPjEvf0B0ggdCIBhEAEYHzICigI6AoBASL39wTpYyqSplYmDgwOACgHICwGiDBAqDgoM5LSxAu61sQK1uLECsBPJid4VyBP31fHjA9gTCogUA9gUAdAVAYAXAbIXHAoaCAASFHB1Yi01MjEzNDA3MTg4NDA2NzkwGADoFwU&sigh=1glpkrgAWm0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLbwHXI27G3ksGFO-9tKX4GPj8aiPWnXje5lxhgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dc_oe=ChMI5q31lYmDgwMVwi-ICR2yUwDcEAAYACDBgp9iOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIM-r1b_7EUITCMzcqZWJg4MDFcS50QQdLC4BQw;dc_rmcid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLb...
ade.googlesyndication.com/ddm/activity/ Frame 225E 42 B
118 B 54ms
48ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5q31lYmDgwMVwi-ICR2yUwDcEAAYACDBgp9iOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIM-r1b_7EUITCMzcqZWJg4MDFcS50QQdLC4BQw;dc_rmcid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLbwHXI27G3ksGFO-9tKX4GPj8aiPWnXje5lxhgB;eps=CIBhEAEYHzICigI6AoBASL39wTpYyqSplYmDgwM;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D749073253%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541451;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 225E 42 B
64 B 56ms
54ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CPrO6o710ZYz_J8TzxtYPrNyEmATuvoHEdM-r1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEhgJP0CjTWRYi0vls2m6bScwYVYFMTD5JZFbofpHkNqOT0-HLQf8R4SBU6_A8pqXb_umDUBSPZj9CKgTFyqxKIAO9vkH8BM4jn4nC92qLNXJ3euNdymNqCG60cAw3MTCmJu50tr7cxbDQ065NFiOTpyGAStGv8WXVkAv4R3v7dGFR3gaVW5bRUunFhQPpW77SYJ6HqlMGo3CKM46h8-kuvGXuPZapwQMFBmnlbBrkEzSH1DJc8pvl7TKp7CuTgLc1yeOejlp6fKCAfK-hD94Rj6e9_2ZPH_pHD-aUwKNCRzSfR0Ah58PF4I1Y1yN1-2vCCDyb0uvwy2QRl51_LlPKTUfh2wRae7FQwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljKpKmViYODA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDQbATyYneFcgT99Xx4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=3x-c6_I_iBk&label=part2viewed&ad_mt=13&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D749073253%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541451

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 225E 0
284 B 65ms
60ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9mX0YyfpuaijMzPdSYcpkFAeHcAe9rDurE3K1hd1GfMGispBFfpAgGU6tjYdlhwFplXduuD__gxrEAmr9wmo0U9DkdwyLa9RfdO6NFDzOG6BgTmJwMeahaV4cyaAvExNr_4LXjq2EFF_aK0p1pWa6r5zt-34c5Tpv3uSKUrC3Mkc-UBv8P2Q1A_TNb5rDj0mk7nUPBFPh_Dq3jxdW3bqoR6wbzN_lHpItISnv3S_-rl1eMOk490J76WAaEWbQW_02XvRKxTbSF_ZNbjLmYxTUDhrPV2ENUMswRhsUmNVLmVS9l63SQWjNxOYXB2kmb7k8u2vPezb5D_jNVe5najPtYbYUrT2ZfpEwV3uTPn_twXz_nnZBZvkmjjRgT7cDpcEcXWwz8iIIDoYi_HyxK-53XJzxVWLNwtGpjJ5iXccMf5vbJ8q7cW-UYxTewVvuw3dKHs-wRJMeHge58yYINUbLix5-eUFeHB5ciBnaHl8T30BhVORtSan19QPeCwgoduEnjgFjqGoIlSQJSIwoRzr100WO0vVi8zxO4WG4TkSgEiHqPL0QuoW5PmmEab32cCRHRU0hVY5w8nPLnh8UiKs8yWSyK7hbTQlWbuLjM0pn3P1qHINP7i2Skds2cip3P4vByO53D5f95dga64Xoyzavh3Npzqht4Ko7arZk76KPgvPmsen3AB1fUQtRVg6ACT7bUGhq43Xbr-G87KIIIQ-9HQgyjd5ddcOnrT9ZSldre8Zo8Blu2wlhOwKTB7BeH2gECIOZ-iV57QeVad0e7yKMMjSsUHN4uXgg9QtjiKmp1QPS9CgC38UrZX--IEb4qI6kjKgM1LI9h4ZrMX0IZf_7ZLsVf9ngrACzUMYwemGyurNfNsoEdTV5aa7a37Zz631sJG8ljaFPOqQTr8FzMOgbdwjPqMs2TaCbxHp-caKD2LgA8XIBe7zZ8TxO2AL_7AuXmHQee4GT9y4OOtMsckrGI9A5hvGsfax_oHdUt0bx6ttaZ2vFuhCS6R6z_t6FL6vjvHIWN_AuqXSmAHnOmF_KhER3LwK3Nh0pAFtuT1zptbnsVtFisIagviijPL2ehN3AbO2VZVGp5WCs4ElBrHQlccLdf0OzQzfWBckfr92XLq8GeF6CY4YPvDUI891PE9kox518g-Xtd5cRV5EgV3EpqV2epTTZAze7La9X90K8Wbg4QWq0D_hOhdoOgR5s6qpcNPRrzXWsiLeaRFrLTH_Nhv59jo03nOlGgxmrxbJZwzvnesGs6lPfQU0rULAxEd0&sai=AMfl-YR2nMHcm7UMSsL0Pm7eTQc_JWq12tzVMGWj3Nt46MUFO7CwAzJdIi6yYmetD5u8q9Px1IVlXmTd_EErUjnyH_4fVvNj0gfZoWc1BUU19EgjpfzFhUchZ87B_qhu_Uv-WC48vo9FVelWokxxo5Li75nQRTYjqfA1gBkUaQTLQHzIbZHWcvdtKts-6tRh7KOcza7oST54qxI8bx6s6GCqPq9IejzV5GbNIRvQiFPojiEBne7W3nu7XU4AMlp52xZoXDFQaZwYWPW_OXdC_pydEgFUDG0VRD6M8NsASw&sig=Cg0ArKJSzDLUyspP9iGQEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame 225E 0
162 B 407ms
52ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=10242044&cmp=30882301&sid=5513185&plc=380997543&num=&adid=&advid=10957991&adsrv=1&btreg=572617705&btadsrv=doubleclick&crt=206029121&crtname=&chnl=&unit=&pid=&uid=&tagtype=video&dvtagver=6.1.img&
Requested by: Host: surl.li
URL: https://surl.li/obljl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 19:19:01 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/08/2023 19:19:01

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 225E
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyAIxC6hdDWAhj4xL39ASABMAE&v=APEucNUQ1p9YZs9YvHuB3X7P5T8XoHw6hLuvpvTbgBypXkz-B1FpcKrMUfgRAaEip68g_naYC8632O32HF3fWXkhFQpqsHGCipwz7NvjLDTgOoawOfQhYak
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXS9pU7F0MPeeFEhBOZKQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHUemcOQ7q5z5nTQw59b9Bo&google_cver=1

43 B
773 B

52ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHUemcOQ7q5z5nTQw59b9Bo&google_cver=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNkPi4iTYcsAKpvStCxotq3U8%2BjmJYqdX0PSsSG2ceIG2GVNIHGUjkydgaHJWMV3yKqhTrwckIW4V2FB9Fn2F%2FSKTi%2FpznA%2Bx6s8YzOpl9S7cyXJBBsWq%2F%2BZFbZzBrr49n19GnoFJNAshg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832f98ec1fbe33ef-YUL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHUemcOQ7q5z5nTQw59b9Bo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 225E 0
20 B 50ms
48ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 225E 42 B
64 B 52ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNVw2EIyw3s0-FANaizOevspDLnJK1r99aaKrzXBRSn79M37yfwmhzDSoYawG3VRFSY6TPxqc8ETijRUs8xTFDAam_AG6BUPSro39GiDdTDt8Ohpctf0Dg0nStCz22&sai=AMfl-YQIqtdMK0RmpstL9iRW3NMCXDD-khiBlamTPAQduIKf7IzS-ahJoG6zrZAxWwAcrNXdDzQs40wB-3cEok3h4dDREJjA5A57lS7coOJCXYzyj-3HIx9T79IOlb0i9H0UyfKcQa1be9h68MoLxH7H7tWsLjlJTSS1uAY&sig=Cg0ArKJSzEF9wtUC2mqFEAE&cid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLbwHXI27G3ksGFO-9tKX4GPj8aiPWnXje5lxhgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D749073253%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541451&avm=1

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 225E 42 B
64 B 54ms
52ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CPrO6o710ZYz_J8TzxtYPrNyEmATuvoHEdM-r1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEhgJP0CjTWRYi0vls2m6bScwYVYFMTD5JZFbofpHkNqOT0-HLQf8R4SBU6_A8pqXb_umDUBSPZj9CKgTFyqxKIAO9vkH8BM4jn4nC92qLNXJ3euNdymNqCG60cAw3MTCmJu50tr7cxbDQ065NFiOTpyGAStGv8WXVkAv4R3v7dGFR3gaVW5bRUunFhQPpW77SYJ6HqlMGo3CKM46h8-kuvGXuPZapwQMFBmnlbBrkEzSH1DJc8pvl7TKp7CuTgLc1yeOejlp6fKCAfK-hD94Rj6e9_2ZPH_pHD-aUwKNCRzSfR0Ah58PF4I1Y1yN1-2vCCDyb0uvwy2QRl51_LlPKTUfh2wRae7FQwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljKpKmViYODA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDQbATyYneFcgT99Xx4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=3x-c6_I_iBk&label=vast_creativeview&ad_mt=13&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D12%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D749073253%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702149541451

Requested by

Host: surl.li
URL: https://surl.li/obljl

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 225E 0
54 B 131ms
127ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpyfvzht&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2081&mt=video%2Fmp4&vs=1024x576&dm=15000&umsem=0&event_name=first_play&asset_bytes=190744&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ex~ff.1fa~videopreviewstarted.1fc
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14D7 0
0 56ms
54ms Fetch
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC0Zso710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMBqgSAAk_QB1cjF7CBAovgOeflFhTbPhDQ_GgS9tlM-1DKPcEW_hixv1p9dL7hXbaOc2UB_QzpfSJdkTWagKVsw87njwIEPYYYdUXrjtp89eLQmLa-zd1yIEbCP6P2H-EtArt4OCmUPpjqoQw4xt539_gDf9UMyuNbnzNp__Vrz2DtuyAxDjdNRz3sBWz1lL5mq684GJ0JucNyazyHYAwrKj4byGx-sI9fNXPRZFui3ltOI5W1OT3z8UePELqdj43HHxDmSY99QfJbkE3Vc1FvutYC0Lq8jahKUrI1GdKH2XyhM9ZpObElKfVHSWrVtBiYCk27g4-nzhLM5l-KHtQBnmoxynLABP3VuJO9BOAEA4gFuO3nrU2SBQQIAxgBkgUGCBsQARgBkgULCCIQAhgBSOjiiQKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ2tk0GIzBvf0B0ggdCIBhEAEYHzICigI6AoBASL39wTpYooSqlYmDgwOACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxArATyYneFcgT99Xx4wPYEwqIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItNTIxMzQwNzE4ODQwNjc5MBgA6BcF&sigh=MRXkcQJSvug&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148
Attribution-Reporting-Eligible: event-source
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 118ms
53ms XHR
application/json 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

1154e5ff287d8e3c08cf2e0697d1b46e7335d4fb43b8950a33d95ba1859764fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12196
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D7 0
20 B 51ms
50ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIvfX2lYmDgwMV8QpoCB2FcQA9EAAYACDF4pRiOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIK-q1b_7EUITCN-8qpWJg4MDFTY9Twgd4iYNvA;dc_rmcid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dp...
ade.googlesyndication.com/ddm/activity/ Frame 14D7 42 B
107 B 53ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvfX2lYmDgwMV8QpoCB2FcQA9EAAYACDF4pRiOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIK-q1b_7EUITCN-8qpWJg4MDFTY9Twgd4iYNvA;dc_rmcid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTpYooSqlYmDgwM;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541467;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 14D7 42 B
64 B 56ms
54ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeBdOo710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEgwJP0AdXIxewgQKL4Dnn5RYU2z4Q0PxoEvbZTPtQyj3BFv4Ysb9afXS-4V22jnNlAf0M6X0iXZE1moClbMPO548CBD2GGHVF647afPXi0Ji2vs3dciBGwj-j9h_hLQK7eDgplD6Y6qEMOMbed_f4A3_VDMrjW58zaf_1a89g7bsgMQ43TUc97AVs9ZS-ZquvOBidCbnDcms8h2AMKyo-G8hsfrCPXzVz0WRbot5bTiOVtTk98_FHjxC6nY-Nxx8Q5kmPJUAA9QO3yeG9vCz3-UaQFmSa3LvhluC9JAierRvfQCFUltjH0YK9-5oAHIus1CBUTOA-1Ai4BD8vYk41UlENsBIwwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliihKqViYODA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CQ0GwE8mJ3hXIE_fV8eMD2BMKiBQD2BQB0BUB-BYBgBcB6BcF&sigh=bPqlkn42U-Q&label=part2viewed&ad_mt=13&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541467

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 14D7 0
65 B 63ms
59ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthBQoEqkZB7cX8ugFcoru9gf3a4mYfNxymFlNaW6jXnPolr3q7JX7VWGV4vHDa61B0b6Wf1Rs_AWILWLSZEqPRBWn7VgOGOnRQVC69x7rZQZAI7ivVj8PA9TU-zR8k34fJtlalNsxqixl-koNnE5XYrVGOeox698GrlZ-WIi7E5lvHWz9eVUAc2Sis0T76mjjhgXB8q8twAy8bfZLNi8Bd5u7YEMh9uALK4r0kE-qANf_f2Llgw63X2olyDJuhliyu18iSQuJgVCUJ9m8-uazWfMgWSaRePdzXJpBghvC-5QaTLLjbtSn6ieAVr8PslTFLNmZauPlEzUCj5D0HV1io5mQJ2EA-oZeMbw3iSXZkSg3KjN4rcTufZv4T6U8I9A70EPZVDHNeNZBpLdR6Y5nsGMmx7ONW2xh0dWdjje-aSYqDiS2X41uDpMZrZb1piILmwfvu8SzZoge7lEZbQ1VnXULC3k6ETvH1RdqF1XsrI7zUlJD-Cyat2c8-sLT1zt3jTRZJsFJmQxB4aSkc4p0AJr5N-O4Nf8PE0ajdmXTq2dbQ1eFbPqp1pKUfanrzzATEFITDizu7SgKMdKZUsJmqajrXyvisBtCtYZwbscPJoYGsCKggqCsCRKsfwkxA2gQKIeE2SoPVK54CESZ_z9lbFS8rGvTK_bcZ440pOYN_YJ_FONMAHtSq29-OMIfMs_jj_rgT-ioZ5BYvfGes8WWQbFpIffQl8-dFoVnMrlBwtofSEkUnhgkYYLvjKrgeiPfuf-J49bN77lzXdBItXwgBIq-HNFgHfpJazJ05fXiTJlXAqfUZJgQYjXAX1NDGOqgvp8e8K-hsXKVEFX9bj0TdpsGU_tv1WMNAsi3JnJG1s8aaUz4SJjUZo64mtiCKtD_kvFA_VFkeyr-fmvaN_ADeucuvwQuYzGOAKHWlS7JjPYj9pHzayRz_j5YcW3AvBrMVaBIzLsiEkzGGaWaaXUxy4X_W4dFmJKeoXtVn6FmlC26SW0dB_MkfCZV_kxmVY7C_oPbgapXm-gAhQYx3VL9pQJMlVV1QnxdJFFksyhXLYgDXuqGEw8d617zL9_IC0Xs8cR_sMZlwM7SmJigLhIUtOf4ngPybV0HrT98_47EudtWdy12t5apCPhd8CPuInSTdupTHgN68A79bVhk_y_dbLSNgxxgmBI1gfRyieC-MkCyq_AKoFWs2H3c93vFx9BfRst_CN2QWHe0_cInEwbiyz1mtOkEaN71wLE4-f07qs-no4dqEjuDJrRn6vlZFB1VMjA&sai=AMfl-YSFNv0k6eg6oWMT8TDVD12vm9D1ytwPfEE-U7k94uPDR6EZ5Qd2DE6tD6EvrguQOwEUS-UR7wxqUxDfsN12HtN5InwvMHsYMEMpf4JpT-r6WLE_t7ZVB86d_P91VbBUudkzzfzovnG7nxz_xl9iAlOHQkffa62WCnld7_vmdhUdZw3_HI0cF0TkhGWfOwg6DwNCUQDhyVZ4KIRWZZyWT-5Rm0_HhleldE9Zo97GgKGPo888tnBaluZn4AlIGViRnDJ5EnsqFqwsdyrqXyy5CftFSK3myfryqyd-FGrrCw&sig=Cg0ArKJSzBd0OujunPe7EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame 14D7 0
162 B 398ms
53ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=10242044&cmp=30882301&sid=5513185&plc=380996475&num=&adid=&advid=10957991&adsrv=1&btreg=572613076&btadsrv=doubleclick&crt=205861189&crtname=&chnl=&unit=&pid=&uid=&tagtype=video&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 19:19:01 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/08/2023 19:19:01

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14D7
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyAIxC6hdDWAhiMwb39ASABMAE&v=APEucNU8SkzoswwklGW2g-1WV8t89KQ-ryIxCpkEOHHdTFYPT6CPD1AmFSnvxLY9DRveTmV2kQfzTvtx3wNUT5RoFvie8XnCBv_5sM8-NE5kuI8rgS-haOs
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MDU2ODUwNDI1MzMyNDQ2NA%3D%3D

170 B
188 B

43ms
42ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MDU2ODUwNDI1MzMyNDQ2NA%3D%3D

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
an-x-request-uuid: def72c0d-15f5-4020-902d-848f1ef06b39
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MDU2ODUwNDI1MzMyNDQ2NA%3D%3D
x-proxy-origin: 185.193.64.66; 185.193.64.66; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 14D7 42 B
64 B 51ms
50ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuepzXLKj9tM1ycSapPH2cKdgn0QMPjfZiCiaj-WKg3muTzcXzwXDApz3RDnongpkrJt-wtNBCsB2fWdBfl5sdqEpYcIKhGcsHI519coRGqujpURNWZN26yN9_C4NSK&sai=AMfl-YT1JWPt7ceLPi6DTaqp73QODrwwC6UDLz57w7XihYtH6XvbQX3hOMXtdIZ3D_s7q61w-oCKAk4BLuTOAWsUKUFSUWhNBEZOxAiywu2NnJEV-K6v72qwkY4Abdn8PJwY-8gxrQ_zpczCoNLp404Ul2hX8UBWOdUsjlbF&sig=Cg0ArKJSzDWDZ8UN7jkoEAE&cid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D12%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702149541467&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 14D7 42 B
64 B 54ms
52ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeBdOo710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEgwJP0AdXIxewgQKL4Dnn5RYU2z4Q0PxoEvbZTPtQyj3BFv4Ysb9afXS-4V22jnNlAf0M6X0iXZE1moClbMPO548CBD2GGHVF647afPXi0Ji2vs3dciBGwj-j9h_hLQK7eDgplD6Y6qEMOMbed_f4A3_VDMrjW58zaf_1a89g7bsgMQ43TUc97AVs9ZS-ZquvOBidCbnDcms8h2AMKyo-G8hsfrCPXzVz0WRbot5bTiOVtTk98_FHjxC6nY-Nxx8Q5kmPJUAA9QO3yeG9vCz3-UaQFmSa3LvhluC9JAierRvfQCFUltjH0YK9-5oAHIus1CBUTOA-1Ai4BD8vYk41UlENsBIwwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliihKqViYODA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CQ0GwE8mJ3hXIE_fV8eMD2BMKiBQD2BQB0BUB-BYBgBcB6BcF&sigh=bPqlkn42U-Q&label=vast_creativeview&ad_mt=13&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D12%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702149541467

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 14D7 0
54 B 130ms
127ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpyfvzi3&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&dm=6000&ple=1&umsem=0&event_name=first_play&asset_bytes=190920&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1f5~ff.1fc~videopreviewstarted.1fd
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 19:19:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CAE 0
20 B 49ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4Hq0pL10Zb2TOPGVoPMPheOB6AMAAAAAOAHgBAI&bg=!eHulezTNAAY3kmNgF5I7ADQBe5WfOJHZlGY8uVKnxoXP6L0Dzq1zNsgbQJzJBR6aDHENu-B5H0vO7WuNOjlnbY0ClMTKAgAAARRSAAAAA2gBBwoAUpKlfxJo0qQtml8-LAMa_FgrbHzQwAHzkkKIpJA-5uYONlxo3L00aeC-nh3Lg0UyILwddZjhtzpf5p-Z1xTxa7gpPe-27C5w0q-l7F7wyOME4w-ZAzFYWpYbRMzrkNfy9MFDMRuPv3ifSJgRip8Ip9ooa7SMhASopmqCRQLvjqKdcwCWTweX0amEjdKB1QYjRCofw3281Fn5lOFQh4RATP1-G-rBMdkdYlEsosroSQXJNtjBtEXwWmxPgrnRl8Xa9wzOLFwPTuNmkl4xwgUAwyFPhIxhsshTgih-q1ZilcFNPjTD7xk8NKc5EeMXwUihwRHSgcThF8BHpbY1yd-zGBKqYv-IP_2VIQFiDi4BUWRxRtdpKBRRF6mMVVD807ypgTY6LKrsK-5uWzlUgfYxcecqfoiPFTY9GUliKr9hZo_prynHIgORGPQjYT6-XeQUQn2P1qdDGA33yp9uuUhKfBhOMUdAFyz0Wf3iI1gKPES8UZ6RzDGgtcG9rWS_aZDlJ4KsrDGTF9UIqYAaqWn5kwZW2F-UMWGhOoGrTkuMpzmNTGnQx20GgvopQw2uVC-2BfNsBnn8DOi0dJOQQascInbbpdleJB_st3xhCIN5hKOuXfpd0ObsU0usarj9malquoHIs5Tdk9tQ1_Dcn_xvZaS3FN_O2lJJJs6WHMYJ8FrE6eS3rYNQ2XcneLcDLn8i5pzJvSsxCDFzIFrxSiwEMecXnvZaBpg5POy0DNouxhnWGe5M8Jv_uDwMNQaRLOrjod4RdoWea4Gd8kjhNTVhgfvMHzqau85xh2VMHpqB2treDhFrQVkDyvCB4VdxpLiFk7bb3HBdivGrDYjHu-TD63Gk9WNvAsHJiD3HlSOpeisq6QOMNWIolAAtgsX9r-4hK-w4GFdLENt8f7A4buj1z4G3t5LJvBRKsr9RAbVxYDbRUHIY_TQOsxFjqgvfDxGopd82zUstiVjDRmO27doV6bBi5s9jI1XXTmZZTPuhC4gufa62aVsXf4j1WKGXHl09li4zPIGsz137GAAxtNBTT7VT_nG8TJi6If4ffQ-CSijoRopQKUG5ExTm2CjAwDhdSBnRBbXY-KX2hrlryH1DR75j1igmdYoXlrYDb5CmFqbejft7EhbSbvpUhELarky8XudUqtUUVJtsph_w4BHgtJfR9eFCXq8cA3qj6r_TcKyhWJLvi-Hn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6301 0
20 B 49ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BbaNVpL10ZebLNsLfoPwPsqeB4A0AAAAAOAHgBAI&bg=!UlGlUR7NAAY3kmNgF5I7ADQBe5WfONZQzdoxvsnvZZY-5RKQnONyPTDQPz8KCw-2CuDPomLfaOGlCZGBVjTA6hw1hx9nAgAAATJSAAAAAmgBB5kDEz8ao60svBdsxhfTV8fHod2vzmxIgqWXIko3RQEjnYwUbeeCoOql8XnjuLmfLtJi1cHS-cZmXHs9U6-D32bp5__N5kHA3t-mDjOkykj6BYw-8Sws5ONIG-8fhFyEUE4-_wjJwqN2gU4dOC1WaCnZKaN-C413hXY9exfWQeggekQjQLtMnrd2fWpeyFgn3RHSk8bUF1SWR0-FoNUvgVDK7ibrXKiAfdi9d9aG5Yr32Z3IfkJFddCmI__OHXiN3LbQq7QXW0Z_kBn3qWireqHpVPDhHZ4HmX8kxHz99uEr8v4hkQKvBU2CAADHyMidY-K2n4zDXzN3REu5yXw-Ra0kQkTEzI_jdYVTN1BdlQHyyJyTxU7o9QkI51f2pLsqShEZn6fKopIofDy90v5jfoTcnTc6BT8sWBwKoO_xvzVtnLcH6rQHmKFLPShECHs5j37xk5TI4pUDQQ3zXlGxhN4WVO6zH8k6mPXCjOU1M7pTCZyUoC9ysohblSVZnj3iTDiYShB0oNBma24PJTLxTDBcInyY2izGJ6k9WeJi6rp5gGvaQrqNX50FF0m3zeu46Quo7dcwMwpjmqTQ8FJDco9jH1nzYnyvewkDHl7u8YgoEWlFPnJs5DbjdKWfHCvsWk6FlWXq-OmD5l17IAPzOrxFV4mnZMUJSmsJKn42xh87zm-46S4c0f5xarJnZHPg9HHYuB9Oo449qf8fEL9J73IGcjm8M8PASkhuygSDdnzg3ckbXvfQzB-CoNB_qVZveZ__6nwL8Ig9pMM7cIKSc1WQUf0dmT7pMJT_BCzRSrtwGpat8saM68joWalB1RzDU81LbQPR_eD0xl9-RhK_nznesWtRGikiteqZ_XnzOP_BiPOIKTcC5gNTdEDjOTAD6cS-nPrKJpohaZ0za8VeLvSdZ2ovunAVeb-KyukgDvXsuhlexfKgAvKTUJSWVFM5allKQTuAvhzoFvskz7vzGJOUL6w1WAjEZ2eWrndl9XUvChSHH9e6rFhPAJkdWjapadL_OZenvT2TotRZGGEapqUicn6W8Cs

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 895C 13 KB
5 KB 37ms
35ms Document
text/html 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 29316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 11:10:25 GMT
expires: Sun, 08 Dec 2024 11:10:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8DDB 829 B
559 B 48ms
48ms Document
text/html 142.250.31.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f99.1e100.net

Software

GSE /

Resource Hash

a0efae136ad7ed7e960efb43a9c052c3b3d881f5c8df5251ead100234b528dc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VeRG2fkZ72-fbdyprtSQhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VeRG2fkZ72-fbdyprtSQhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:19:01 GMT
expires: Sat, 09 Dec 2023 19:19:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 895C 39 KB
15 KB 33ms
33ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 15:37:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DDB 0
0 47ms
46ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=2247551875441548&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 895C 0
10 B 36ms
35ms Image
text/plain 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3qcWrA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:19:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=2247551875441548&bg=!QUKlQg3NAAY3kmNgF5I7ADQBe5WfOJENnjDeCczLQP8HcV3t6IE62ByreY5NHLVYr0mOz6vFG6B0hYjZS-xklwjCf7vGAgAAAIhSAAAAAmgBBwoAWM6lnViMYZdzm0OQZ-svjBuR3csNIgnJyPQkmSpc80t9aXuSTkACOO3e8QPwLQ8A4g-sMZh2T4ABMcGhjKf-96In6e0mv4H2qtMk68Tr21Gs5pbM23XwLfCZAv1GYWL-9SexelAppMaXu3drI9w6xPMFMwnlVidLmZ_9qFCZmL37qCS5dVbzF8-hDPWecLS7QhEaRsLWmmR94srVpvUf1WWXrB93y9d_LEXCXoRq1mdcpFsJ2VDMCTFc-V_hQ5nS8QnQxtaL6T_f-GqiNlyn7kAsMSJmg7JmuDctwJwsldoaWrtpcTVHkzR8JJjlrNOruj03KDqvKrrN3Ywh2OVY7z0apkF__8jxK3IiAn0Yhd_Tvp06_jkz-zeveL6tOTvvMLI-tK0WOKwnBqAT9MjJvLy8p05aT4HujomzZCap8OxrgHrEQ1ezaClgkfxomd2xY8oC9MxbpUQzFOa7wZyDbNXJAGgXfrf_nnbmJUX4HLPInUr5uS1EI1VqWMlhb0TBpyKdFTZarMUK9zJj6LfLJd_eaF0Z74bRfpB6Y3YWjxDsQtYgldY75gvX-mMG9d14SPuh1_SPWFv7_HuhML9Hh13VvlI-ZYPnHeMfoSN74AfWMO7sWSnXuILE1r0trhOrds7KvxrOnsM1-h3j1OBLegDX__R4idjIHRfFOlVw_cjE3k1zEZqdK2X6epdBX2_HE2aIdUXYFlhZiPsXDtga0hLsew9eEsAVr2XewrX1Go5sSphxspbILWUDyGvDeVGJM_tGen_JtwJeylKnHQDfLGab1dFlNW9K_5kCdRCroZdnMlQRyEI20kleKj3XLGLC1NnVezivH5slBVcNwYz4xEkIUNrMjCMap6mrbawDAB17Su2MifGipAb54Lj1CinYQNOhfOuoF2AN5sJVnOJ732t7BzDk0O2cqJy8JK5DxXJF_65Dov_Mi7O4UCs5LXakcHRMYA7O0ELtfwPrcngtKgYS9OCIq0i02Isa_Mc12ub8zi4SuVhewlGcsWXLR6P0I31uvntH5R2WRkZUzBF_qzN-eAJ0Hgiv4z5B_5w5h2pbIIP9zrCGl8290l6hmyBs8ENNK4wi6pDREBEuVwwhjil8s5JiX3DAbDUz4S4nCU_zgqyA4GmWiSc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 225E 0
17 B 130ms
130ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lpyfvzvb&c=2235958246690&slotId=1117979123345&qqid=CMzcqZWJg4MDFcS50QQdLC4BQw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2081&mt=video%2Fmp4&vs=1024x576&dm=15000&met.4=vfl.1lf
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 14D7 0
17 B 130ms
130ms Ping
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lpyfvzvl&c=1406569731239&slotId=703284865619.5&qqid=CN-8qpWJg4MDFTY9Twgd4iYNvA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&dm=6000&met.4=vfl.1kd
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIvfX2lYmDgwMV8QpoCB2FcQA9EAAYACDF4pRiOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIK-q1b_7EUITCN-8qpWJg4MDFTY9Twgd4iYNvA;dc_rmcid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dp...
ade.googlesyndication.com/ddm/activity/ Frame 14D7 42 B
63 B 50ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvfX2lYmDgwMV8QpoCB2FcQA9EAAYACDF4pRiOhoIuoXQ1gIQ_dW4k70EGPfV8eMDIK-q1b_7EUITCN-8qpWJg4MDFTY9Twgd4iYNvA;dc_rmcid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTpYooSqlYmDgwM;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1319,0,0,0,0%26mtos%3D1319,1319,1319,1319,1319%26amtos%3D0,0,0,0,0%26mcvt%3D1319%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1518%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D208%26dur%3D6016%26vmtime%3D1532%26dvs%3D1319%26dfvs%3D1319%26dvpt%3D1518%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1319,1319,1319,1319,1319%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1319;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1702149541467;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 14D7 42 B
64 B 52ms
52ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeBdOo710ZZ_fKLb6vPIP4s204AvuvoHEdK-q1b_7Ec-Ph_mUMRABIM_J3W9g_eiigfADyAEFqAMByAObBKoEgwJP0AdXIxewgQKL4Dnn5RYU2z4Q0PxoEvbZTPtQyj3BFv4Ysb9afXS-4V22jnNlAf0M6X0iXZE1moClbMPO548CBD2GGHVF647afPXi0Ji2vs3dciBGwj-j9h_hLQK7eDgplD6Y6qEMOMbed_f4A3_VDMrjW58zaf_1a89g7bsgMQ43TUc97AVs9ZS-ZquvOBidCbnDcms8h2AMKyo-G8hsfrCPXzVz0WRbot5bTiOVtTk98_FHjxC6nY-Nxx8Q5kmPJUAA9QO3yeG9vCz3-UaQFmSa3LvhluC9JAierRvfQCFUltjH0YK9-5oAHIus1CBUTOA-1Ai4BD8vYk41UlENsBIwwAT91biTvQTgBAOIBbjt561NkAYBoAZOgAeakujVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliihKqViYODA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CQ0GwE8mJ3hXIE_fV8eMD2BMKiBQD2BQB0BUB-BYBgBcB6BcF&sigh=bPqlkn42U-Q&label=videoplaytime25&ad_mt=1533&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1319,0,0,0,0%26mtos%3D1319,1319,1319,1319,1319%26amtos%3D0,0,0,0,0%26mcvt%3D1319%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1518%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D12%26pst%3D208%26dur%3D6016%26vmtime%3D1532%26dvs%3D1319%26dfvs%3D1319%26dvpt%3D1518%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1319,1319,1319,1319,1319%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1319&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1702149541467

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1702149539&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fobljl&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702149539476&bpp=2&bdt=202&idt=145&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3119713424734&frm=20&pv=1&ga_vid=1939041536.1702149540&ga_sid=1702149540&ga_hid=2018367738&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31079928%2C44809530%2C95320885&oid=2&pvsid=2247551875441548&tmod=1351101531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 225E 42 B
64 B 50ms
50ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNVw2EIyw3s0-FANaizOevspDLnJK1r99aaKrzXBRSn79M37yfwmhzDSoYawG3VRFSY6TPxqc8ETijRUs8xTFDAam_AG6BUPSro39GiDdTDt8Ohpctf0Dg0nStCz22&sai=AMfl-YQIqtdMK0RmpstL9iRW3NMCXDD-khiBlamTPAQduIKf7IzS-ahJoG6zrZAxWwAcrNXdDzQs40wB-3cEok3h4dDREJjA5A57lS7coOJCXYzyj-3HIx9T79IOlb0i9H0UyfKcQa1be9h68MoLxH7H7tWsLjlJTSS1uAY&sig=Cg0ArKJSzEF9wtUC2mqFEAE&cid=CAQSTgDICaaNBXkkzUmBjNfGbiWaiQQvFEZpFteUsYBvab1a4SsmiHY5gPywHiYlqBfu7VI-WLbwHXI27G3ksGFO-9tKX4GPj8aiPWnXje5lxhgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2200%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D25%26pst%3D217%26dur%3D15018%26vmtime%3D2215%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2200%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D749073253%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1702149541451

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 14D7 42 B
64 B 49ms
49ms Image
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuepzXLKj9tM1ycSapPH2cKdgn0QMPjfZiCiaj-WKg3muTzcXzwXDApz3RDnongpkrJt-wtNBCsB2fWdBfl5sdqEpYcIKhGcsHI519coRGqujpURNWZN26yN9_C4NSK&sai=AMfl-YT1JWPt7ceLPi6DTaqp73QODrwwC6UDLz57w7XihYtH6XvbQX3hOMXtdIZ3D_s7q61w-oCKAk4BLuTOAWsUKUFSUWhNBEZOxAiywu2NnJEV-K6v72qwkY4Abdn8PJwY-8gxrQ_zpczCoNLp404Ul2hX8UBWOdUsjlbF&sig=Cg0ArKJSzDWDZ8UN7jkoEAE&cid=CAQSTwDICaaNJuJOGOzO3q37dbNv4uFLC6He5Vfzyuk9NivanlRG2U0rGD-YoJchYtYbTBx-5dpdbQEfEpvDSpPLufzRos7rZa6-T2gGJ4sUkiEYAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2121,0,0,0,0%26mtos%3D2121,2121,2121,2121,2121%26amtos%3D0,0,0,0,0%26mcvt%3D2121%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2320%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D13%26pst%3D208%26dur%3D6016%26vmtime%3D2335%26dtos%3D2121%26dtoss%3D1%26dvs%3D802%26dfvs%3D802%26dvpt%3D802%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D829185478%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2121&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702149541467

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 19:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surl.li/	1970-01-21 02:25:09	Name: _ga Value: GA1.2.1939041536.1702149540
.surl.li/	1970-01-20 16:50:35	Name: _gid Value: GA1.2.1984430724.1702149540
.surl.li/	1970-01-20 16:49:09	Name: _gat Value: 1
.surl.li/	1970-01-21 02:25:09	Name: _ga_BVLF49G8NB Value: GS1.2.1702149539.1.0.1702149539.0.0.0
surl.li/	1970-01-20 16:49:16	Name: XSRF-TOKEN Value: eyJpdiI6IlJBaFhtNDc3SllRdXdMRUtXeWpIU2c9PSIsInZhbHVlIjoiYnVYZzFPaUVLSGVtZnE1WTdJeE14QTllUlpnSU5XWkxXVmVTVXhhdS9MOU9Sa29mSU1YQitIRlNjRXdESzFrTEJHWlZ0RUtLajJWaUdIdnAraWFKd1EvYnFlcy9oelFjODJOd0sxZ1NrNlRGNjJNRTdMRVdRNzZOaXZxeXpiK2siLCJtYWMiOiI2YTAxYjc0Nzc4MTZlNDZiYzViZjQ2MDIwNjRmYTk1Yzk1NTNjNzU2YjkwNTYxMWYwODFkMDUwOGY4ZTEwNmMyIiwidGFnIjoiIn0%3D
surl.li/	1970-01-20 16:49:16	Name: surli_application_session Value: eyJpdiI6ImtueWVyZ0ZJc3RpZjRHQkhWTi9ZMVE9PSIsInZhbHVlIjoiaWo3MTNMY3UvS05mSGpLNFQvUXFjWFBvNTgrTmxTUmw1dWUwR29ucmlSOHIzb1ErYlVhVzFiZXlNdFprMkZiWm9vZEdkMy85UHFTZkRoeVVzS2oyZkpvaC9XeFJyazkwZTJNQ0xHbGhNdmRXTTBmcUNUaVRVd01XYlRQdENKbTkiLCJtYWMiOiJmZjhlZDIzZjFhYTc4MWZlZDA0MzVkZmRjMzdlNWVjMGFkZjFjYjU3Nzk0NWRjNmQwNjgxMTM0OGE1ZTE5MDc0IiwidGFnIjoiIn0%3D
.surl.li/	1970-01-21 02:10:45	Name: __gads Value: ID=4a9e9f2371719403:T=1702149539:RT=1702149539:S=ALNI_MYJLlgWqeGSxtLVALxnjbyYcGE0Ew
.surl.li/	1970-01-21 02:10:45	Name: __gpi Value: UID=00000da7e244fe6a:T=1702149539:RT=1702149539:S=ALNI_MZZ25a3FgGmbO1zRqbYGsDltbB-TA
.doubleclick.net/	1970-01-20 16:49:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:08:21	Name: APC Value: AfxxVi7zwz_qfgf1c3jpZy6_64SWEDFBFgdZy8fxggNmOPcY7vFk3A
.doubleclick.net/	1970-01-21 02:25:09	Name: IDE Value: AHWqTUkFMClsV8oUHDe7_crM9VV2CB8FGUz72_Og5F4HgByiI9LKT7Rvva6sS38gEQo
.rlcdn.com/	1970-01-21 01:34:45	Name: rlas3 Value: 4uqwt6TzKxHXmQpC8VrkXsGkyU0bDHC690xhGGdMTs0=
sync.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id Value: s%3A0-8a2e3648-61b1-5c5a-7172-1ce176540f98.NuCiospF4N1%2FrXhNJB6P6kJXMf9hN3vcJaerHtX4I7k
.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id Value: s%3A0-8a2e3648-61b1-5c5a-7172-1ce176540f98.NuCiospF4N1%2FrXhNJB6P6kJXMf9hN3vcJaerHtX4I7k
sync.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id-v2 Value: s%3Aii42SGGxXFpxchzhdlQPmLnBQEI.yob0%2BJnwQGGZ8RdEQg8BlV8pVcT2hVfouAiQtkVpUQc
.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id-v2 Value: s%3Aii42SGGxXFpxchzhdlQPmLnBQEI.yob0%2BJnwQGGZ8RdEQg8BlV8pVcT2hVfouAiQtkVpUQc
sync.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id-v3 Value: s%3AAQAKIMLZJpIns12AQbdcofVM6yLaXDXeTOM0wlWNyv6P8jehEHwYBCCl-9KrBjABOgQtwj9GQgRQTPt1.7qOlo%2BmRLoSDl2s20Z%2B7VN5I6z4HOxtpIIJs3fXWpzQ
.srv.stackadapt.com/	1970-01-21 01:34:45	Name: sa-user-id-v3 Value: s%3AAQAKIMLZJpIns12AQbdcofVM6yLaXDXeTOM0wlWNyv6P8jehEHwYBCCl-9KrBjABOgQtwj9GQgRQTPt1.7qOlo%2BmRLoSDl2s20Z%2B7VN5I6z4HOxtpIIJs3fXWpzQ
beacon.lynx.cognitivlabs.com/	1970-01-21 01:36:11	Name: UID Value: 5e86eabd-983d-4e27-a7a5-26aa8bb5bdd2
beacon.lynx.cognitivlabs.com/	1970-01-21 01:36:11	Name: ss Value: aeQIya8hrJXgx1zGE5%2F%2FsPi9tLp%2BnukWHvWhZJwlWIT17ZCWobYUwXUOpAmA6G4jAMFEfYglEgG8bMxr6%2BMJVw%3D%3D
.rlcdn.com/	1970-01-20 18:15:33	Name: pxrc Value: CKX70qsGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-20 18:58:45	Name: uuid Value: 6dcc0fb3-6d70-4394-9d58-900fcd3c0530-20231209 14:19:01
.googleadservices.com/	1970-01-20 18:58:45	Name: ar_debug Value: 1
.mfadsrvr.com/	1970-01-21 02:25:09	Name: tuuid Value: f83557aa-b107-4a25-8c69-f116a15b831b
.mfadsrvr.com/	1970-01-21 02:25:09	Name: c Value: 1702149541
.mfadsrvr.com/	1970-01-21 02:25:09	Name: tuuid_lu Value: 1702149541
.adnxs.com/	1970-01-20 18:58:45	Name: uuid2 Value: 7460568504253324464
.casalemedia.com/	1970-01-21 01:34:45	Name: CMID Value: ZXS9pU7F0MPeeFEhBOZKQQAA
.casalemedia.com/	1970-01-20 18:58:45	Name: CMPS Value: 3575
.casalemedia.com/	1970-01-20 18:58:45	Name: CMPRO Value: 3575
.mfadsrvr.com/	1970-01-21 02:25:09	Name: ssh Value: !google,1702149541
.c.appier.net/	1970-01-21 01:34:45	Name: _auid Value: -85hrGWcAXKXyPoopb10ZQ
.c.appier.net/	1970-01-20 17:32:21	Name: _gu Value: CAESENkZx0A2I8tbIX1uP21sxSY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://surl.li/obljl Message: Mixed Content: The page at 'https://surl.li/obljl' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://surl.li/obljl(Line 258) Message: Mixed Content: The page at 'https://surl.li/obljl' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ade.googlesyndication.com
ag.innovid.com
beacon.lynx.cognitivlabs.com
beacon.walmart.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r2---sn-ab5sznzy.c.2mdn.net
r4---sn-ab5sznze.c.2mdn.net
rtb.mfadsrvr.com
stats.g.doubleclick.net
surl.li
sync.srv.stackadapt.com
tpc.googlesyndication.com
tps.doubleverify.com
web-screen.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.21.20.132
104.26.5.19
139.162.117.143
142.250.31.132
142.250.31.99
142.251.16.95
142.251.163.94
142.251.167.95
172.217.18.3
172.253.115.139
172.253.115.156
172.253.115.94
172.253.122.156
172.253.62.157
172.253.63.138
172.253.63.154
172.253.63.97
172.64.151.101
20.230.171.39
3.213.9.240
34.117.228.201
35.207.24.140
35.244.154.8
54.159.180.193
54.208.142.99
68.67.160.114
74.125.172.201
74.125.174.135
03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548
0997163235857d5e2a588d5eebdbfdafa21b46b45b83e2747bffc2362a8509af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcb7e1b467b7302b382ec6c62d5e14fdfb283e94eb3256a1cf9aaaa61a90002
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1154e5ff287d8e3c08cf2e0697d1b46e7335d4fb43b8950a33d95ba1859764fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a3c5691fca672b5f40d253b51bda07f0cd52f07000931a74ba5b64c99ea2b19
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
476fbc2eb83910bea83e0210f8a4faa2b2d328ceaa66fa0b38c349ac982cbea0
4a4257b3799a73c95caa30921186433c48cf1cfc34b2f30633b996770b8683dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd717a19576bb662c2cc6fc5b2ba1fccf760251ce08003e73dac9b73e222816
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
6fb4b414ffb2806a57615c8609d66de2f60342fcfe95174f32d2f622fd794cfe
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
74c723f0b678447057ab94584eadc054699477265a4dc4d2a34da4c53300e4e4
76f0b2a8c882b7960d942e4eb7cf99a72a2739bfc37c8259fb90e8a39a14ddad
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
8e8dd3c393053ad1416d1a6c346fa6bef5cc571f6ec2cbb479a4ead12f80848f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dab3e8b5fb97dfe20b7b0c49c28d15b887526898e6c4148482f362617af3d69
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0efae136ad7ed7e960efb43a9c052c3b3d881f5c8df5251ead100234b528dc5
aa9bfcf73de9c62160d9e75b6af485c1e20c417c47d9714d46249eb513d18ac6
acdfea62a4012473d5ee7b794bceceaab7b992cb84c13c0ac5d6d8c0f838c8c4
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7
b25ee29336e807030d8ac1731c5d295e08efbc1fc2feb33b54ac6a3d33dd0c00
b30c3534ea0f553b7b99d714b33878390aacec1181564a7131891929c32e8e94
bbffa94db304682f3327947145a9bc6e47ec9567ecb5df0fe4dab6c68c00051b
bfdb1043b8f42989b3777ec5eb10b7269ec988a0f5e50f4ac1f05ddfa828d14d
c4008ee3a5052996958e5fee5ed51965cb6e42977993526aa77f4794a288ca56
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe
d4dc1eea94f490256231746e2c7a96041db56fb8221316cbcc90f6217fd758ef
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9df86b2da6caf485ccaf5f0a66ab7541b73efb0a09a53ed4e4ef8d73848e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fabc469d86a982f9b107e9dfbb5a68a90bf6233fe6fd5254a966a2afc7612974
fdec835653df1d5036d79d86215e6252d7448b59f1afa1cc840041f569796969

surl.li Open in urlscan Pro 104.26.5.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

93 %HTTPS

0 %IPv6

22 Domains

33 Subdomains

21 IPs

3 Countries

8269 kBTransfer

11235 kBSize

33 Cookies

8 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

surl.li Open in urlscan Pro
104.26.5.19 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

93 %
HTTPS

0 %
IPv6

22
Domains

33
Subdomains

21
IPs

3
Countries

8269 kB
Transfer

11235 kB
Size

33
Cookies

147 HTTP transactions
3 data transactions