www.steganos.com Open in urlscan Pro
194.147.131.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://proxy-us.steganos.com/browse.php
Effective URL:
https://www.steganos.com/en/free-online-web-proxy
Submission: On December 09 via manual (December 9th 2023, 9:01:14 pm UTC) from US — Scanned from US

Summary HTTP 186 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 39 domains to perform 186 HTTP transactions. The main IP is 194.147.131.26, located in Berlin, Germany and belongs to HSPEED-AS, DE. The main domain is www.steganos.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 5th 2023. Valid for: a year.

This is the only time www.steganos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	74.208.242.208 74.208.242.208	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
36	194.147.131.26 194.147.131.26	31276 (HSPEED-AS) (HSPEED-AS)
6	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.214.64 13.224.214.64	16509 (AMAZON-02) (AMAZON-02)
21	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.54.165.94 52.54.165.94	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
5 30	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2606:4700:20:... 2606:4700:20::ac43:4abf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25c... 2600:9000:25c8:fa00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7782:4718:9bfc:3344:bf82	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:ae80:147... 2606:ae80:1471:17::1080	25751 (VALUECLICK) (VALUECLICK)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
11	2606:4700:303... 2606:4700:3034::6815:53c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	51.222.39.184 51.222.39.184	16276 (OVH) (OVH)
1 2	23.199.17.156 23.199.17.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2006	15169 (GOOGLE) (GOOGLE)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.104.105.5 172.104.105.5	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:ef97:7d:cf8a:b882	14618 (AMAZON-AES) (AMAZON-AES)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	3.228.157.65 3.228.157.65	14618 (AMAZON-AES) (AMAZON-AES)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
2 2	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	20.237.10.133 20.237.10.133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
186	30

2 74.208.242.208 (Reynosa, Mexico) 2 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

proxy-us.steganos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 194.147.131.26 (Berlin, Germany)

ASN31276 (HSPEED-AS, DE)
PTR: web131-26.hspeed.net

www.steganos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-64.phl50.r.cloudfront.net

gen.sendtric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.165.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-165-94.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.35.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.132 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4abf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:fa00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:4718:9bfc:3344:bf82 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:17::1080 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3034::6815:53c (United States)

ASN13335 (CLOUDFLARENET, US)

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.253.86.149 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.184 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.199.17.156 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-17-156.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.105.5 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:ef97:7d:cf8a:b882 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.157.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-157-65.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.237.10.133 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 ad.doubleclick.net — Cisco Umbrella Rank: 139	145 KB
38	steganos.com 2 redirects proxy-us.steganos.com www.steganos.com	988 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	418 KB
16	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 12545	1 MB
11	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 23165	7 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	107 KB
6	gstatic.com fonts.gstatic.com	207 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5624	989 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	606 B
2	inmobi.com 2 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 3950	924 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1618	575 B
2	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 902	872 B
2	rfihub.com 2 redirects a.rfihub.com — Cisco Umbrella Rank: 2935 p.rfihub.com — Cisco Umbrella Rank: 825	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	848 B
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	960 B
1	temu.com 1 redirects www.temu.com — Cisco Umbrella Rank: 8551	517 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7973	543 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7197	641 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1014	35 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9014	292 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 8865	600 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	716 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	44 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	255 B
1	sendtric.com gen.sendtric.com — Cisco Umbrella Rank: 16736	10 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	93 KB
186	39

	Domain	Requested by
36	www.steganos.com	www.steganos.com
30	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	www.steganos.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net fw.adsafeprotected.com www.googletagservices.com
16	cdn.rtbrain.app	googleads.g.doubleclick.net
15	tpc.googlesyndication.com	pagead2.googlesyndication.com www.steganos.com tpc.googlesyndication.com googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.steganos.com
11	g.bidbrain.app	cdn.rtbrain.app
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	www.steganos.com
5	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagservices.com	www.steganos.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	an.yandex.ru	2 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	b1sync.zemanta.com	2 redirects
2	c1.adform.net	2 redirects
2	ad.doubleclick.net	fw.adsafeprotected.com
2	sync.teads.tv	1 redirects
2	mweb.ck.inmobi.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	trace.mediago.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	fw.adsafeprotected.com	1 redirects www.steganos.com
2	proxy-us.steganos.com	2 redirects
1	www.temu.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	p.rfihub.com	1 redirects
1	a.c.appier.net	1 redirects
1	um.simpli.fi	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	a.rfihub.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	gen.sendtric.com	www.steganos.com
1	www.googletagmanager.com	www.steganos.com
186	48

This site contains links to these domains. Also see Links.

Domain
steganos.zendesk.com
my.steganos.com
www.facebook.com
twitter.com
store.steganos.com
www.nero.com

Subject Issuer	Validity	Valid
*.steganos.com RapidSSL TLS RSA CA G1	`2023-05-05` - `2024-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
gen.sendtric.com Amazon RSA 2048 M02	`2023-10-13` - `2024-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
bidbrain.app E1	`2023-11-02` - `2024-01-31`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.steganos.com/en/free-online-web-proxy
Frame ID: 1A584BD79C6FB697B74295F2C410F07E
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: A01BE2583742B07BBAE854858DDF26AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&adk=1812271804&adf=3025194257&lmt=1702155668&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155669055&bpp=8&bdt=954&idt=253&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7001033886283&frm=20&pv=2&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: 69B06FB5E7FFDBFD23D1B4842BE0613D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Frame ID: 8D369B660E465B38AB6BA06311AFCB68
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Frame ID: B0A88F361AE06CAB3229C9505EA0E1B8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Frame ID: 50DA00A20C8EB37FD24E5AE3AEFEFABF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Frame ID: FBC1B9640C6A133837A0A1BCC3DB877A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3023D612074CD05F13A9D5DC9051364F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ0Mm01AUYoqGQ_gEwAQ&v=APEucNXhYUba_oMaAGnNOgYNNADaBFyafjkPVDLDV3hTwve2qh79eN2Z9Oz6oNSDpxjb9a02GtC7f1NvDdeZR1cjp40BBBXBxQ
Frame ID: 8F7D9B1AEFA3F41CCEE7EF975696D789
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E5A0E736627712265F38BD6BBAD9B2BF
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA14C15C5702635A66DFE8C3C3ADD645
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D6324A05F55FC46C911C3E565B8224F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 318BDBF07FDA9370038AF61E350FBD5D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A7ACE2BF803AC8277ACE81113862B0FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A43C375D3A8CA028407DFEDEAD07FFE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11E5EFA327E9880BB98B9CBAAB6F2500
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCF88D511294A7B811BD01D187227060
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8558ECF87260B313B4AFE9769E4D55C5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Online Web Proxy

Page URL History Show full URLs

https://proxy-us.steganos.com/browse.php HTTP 302
https://proxy-us.steganos.com/index.php HTTP 302
https://www.steganos.com/en/free-online-web-proxy Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

186
Requests

84 %
HTTPS

39 %
IPv6

39
Domains

48
Subdomains

30
IPs

8
Countries

3788 kB
Transfer

6673 kB
Size

45
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://steganos.zendesk.com/hc/en-us
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://my.steganos.com/
Title: mySteganos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SteganosSoftware/

Search URL Search Domain Scan URL

URL: https://twitter.com/steganos

Search URL Search Domain Scan URL

URL: https://store.steganos.com/1234/purl-SOSINTXMAS23PROXY

Search URL Search Domain Scan URL

URL: https://www.nero.com/eng/products/nero-platinum/?vlang=en
Title: Nero Platinum Suite

Search URL Search Domain Scan URL

URL: https://www.nero.com/eng/products/nero-backitup/?vlang=en
Title: Nero BackItUp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://proxy-us.steganos.com/browse.php HTTP 302
https://proxy-us.steganos.com/index.php HTTP 302
https://www.steganos.com/en/free-online-web-proxy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENThWA-XX4c2J_WI5cTPkM&google_cver=1

Request Chain 76

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTVloHzDnfIK2.ncyqB9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGADtK87yobD5v8DX4n0DR0&google_cver=1&google_hm=2

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB2W35FAxoyRN-w-UiqyPgU&google_cver=1

Request Chain 78

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3ODMyODgwMzMwMDc3NTMwOQ%3D%3D

Request Chain 95

https://fw.adsafeprotected.com/rfw/bgd/1712960/76808492/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014946280&ias_pubId=pub-5666250300757408&ias_chanId=1&ias_placementId=20804038311&bidurl=https://www.steganos.com/en/free-online-web-proxy&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gdksnNvIKw-h2Epo1NwLJo&adsafe_url=https%3A%2F%2Fwww.steganos.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.steganos.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-5666250300757408%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:34b38cb3-c206-1d8e-569e-ce9b69bcdc02,c:wiqcSX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b586bdd95-k984d,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:14773b3c-96d6-11ee-a27c-7addb897545a,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_xappb=

Request Chain 121

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_cver=1&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bpDKu4fMczPK9X4XKKfuU43YznAr3MM-AAQeIn_OVY2ntD3T2oaMOeTz5vqgogpW8qPvfO7fHwLr_nGjSTYvOkaGyhjhA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5d258391cc3f051c&is_secure=true&networkId=14000&version=1&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_cver=1&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bpDKu4fMczPK9X4XKKfuU43YznAr3MM-AAQeIn_OVY2ntD3T2oaMOeTz5vqgogpW8qPvfO7fHwLr_nGjSTYvOkaGyhjhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABg6CNUpwtfQNhNygYAAAAAAA&expiration=1702242071&google_cver=1&is_secure=true&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bpDKu4fMczPK9X4XKKfuU43YznAr3MM-AAQeIn_OVY2ntD3T2oaMOeTz5vqgogpW8qPvfO7fHwLr_nGjSTYvOkaGyhjhA

Request Chain 122

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 123

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGQnpTV7VbCQQ-rFpjUQEQY&google_cver=1&google_push=AXcoOmRpXZ4gqIp02mNjdHS2fwH7u60vbYC2HlzD4kAu8xakiQv2FDn54HffSrs2JEQYDcsIpUSZAdn7z0jkis-ySdNCpKVO-eHC439bKOhuf1XtCyrmpkERUiD1-HArU1Izqf4XNRr7t_pMEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGQnpTV7VbCQQ-rFpjUQEQY&google_push=AXcoOmRpXZ4gqIp02mNjdHS2fwH7u60vbYC2HlzD4kAu8xakiQv2FDn54HffSrs2JEQYDcsIpUSZAdn7z0jkis-ySdNCpKVO-eHC439bKOhuf1XtCyrmpkERUiD1-HArU1Izqf4XNRr7t_pMEw

Request Chain 125

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDaULj4m5bNrydFSZS_GJPg&google_cver=1&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVmgEvPhCAystBqjp51aT7OsngabP4RCe_82HqraGX04-XFbuVr8FCg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVmgEvPhCAystBqjp51aT7OsngabP4RCe_82HqraGX04-XFbuVr8FCg&google_hm=Nzc0NTAyMzI5NTE5MzgxMjQwMQ==

Request Chain 126

https://an.yandex.ru/mapuid/google/CAESEKcLSTi8adOmoHmjdHCv0Qs?ext-param=AXcoOmRlBCnJymxF_H9aVNKVzwXOTFqgwD9L7lAXkRDwP9FX-FCRH4BXHRYKbEPtgjoPRw_syrN0bLv-0OWU7t-IWffv5pt9RiQEu6726AnKXZ9y_uvAlnj_OXp5x0DU4-R_lX8dNsMSjl1ZCQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEKcLSTi8adOmoHmjdHCv0Qs?redir-setuniq=1&ext-param=AXcoOmRlBCnJymxF_H9aVNKVzwXOTFqgwD9L7lAXkRDwP9FX-FCRH4BXHRYKbEPtgjoPRw_syrN0bLv-0OWU7t-IWffv5pt9RiQEu6726AnKXZ9y_uvAlnj_OXp5x0DU4-R_lX8dNsMSjl1ZCQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKcLSTi8adOmoHmjdHCv0Qs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 127

https://trace.mediago.io/cs/google?google_gid=CAESEIoRJfCnUdifS_HSmeQIekQ&google_cver=1&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5eVRbRFbjqwxYRNfE_m9NKpP4c6mIsInpSdkTG5TnkMSxozXyng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5eVRbRFbjqwxYRNfE_m9NKpP4c6mIsInpSdkTG5TnkMSxozXyng&google_hm=81fa84b7df61f537184vao00lpyjjdlk

Request Chain 131

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 133

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=1&google_push=AXcoOmSjHGYdSGlsc0-qe1xJwfH4kemF6NiEtTOJZylOmxRyyKybTbKSuqgopezDzctaMRb-ShbAV40_glTg8cZOZVf9YYG3tyxTeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDIyZWE1OTQtMzJlMS00ODc3LWFmNDUtYWE5NjA2ODQ5NzNh&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=1&google_push=AXcoOmSjHGYdSGlsc0-qe1xJwfH4kemF6NiEtTOJZylOmxRyyKybTbKSuqgopezDzctaMRb-ShbAV40_glTg8cZOZVf9YYG3tyxTeQ

Request Chain 134

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEH2lrV7Vbj7HYOh5WL9-cF4&google_cver=1&google_push=AXcoOmR44Fy6coB9yyvRL1WyuCzaYg43mkbvE_txPvj5YwlQ1HCXxG5zfTR-pW_gnj9rU9KuEO_jLkSUotAa769sBQ_ndKJzAjx_xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862498241481&us_privacy=1---

Request Chain 135

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPO5c_vAsarZ9z6WHA5pPa8&google_cver=1&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8dbD--QxnVneaNbg-s4lmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8dbD--QxnVneaNbg-s4lmA

Request Chain 136

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIzNecQQJRK1-iqoXLZfNQY&google_cver=1&google_push=AXcoOmTr5CsP_TBz3eX_-PEB6HJo6xkl1EUI8Jm1MswkZy5AH1MNVbMORinuyhdI6oSGtvAmeSSeV33LGR5WAuEKCWSvRHKn5wKt0A9L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OWIwYzE3NTktNDg4NC00Y2MwLTk0YjUtNTAyZjk0NzM0M2Vj&google_push=AXcoOmTr5CsP_TBz3eX_-PEB6HJo6xkl1EUI8Jm1MswkZy5AH1MNVbMORinuyhdI6oSGtvAmeSSeV33LGR5WAuEKCWSvRHKn5wKt0A9L HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 137

https://trace.mediago.io/cs/google?google_gid=CAESEM_osDwkW4azWNEwWdNuwZY&google_cver=1&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Suph-pYjUd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Suph-pYjUd&google_hm=81fa84b7df61f53715df0d00lpyjjdll

Request Chain 148

https://um.simpli.fi/gp_match?google_gid=CAESEDLEp3n-pxjvR_-vCBr2qcI&google_cver=1&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3AcQbKQGh6I5HCcL2XQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C0D48FBEFF74B30902D96EDC729DA70&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3AcQbKQGh6I5HCcL2XQ

Request Chain 149

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=1&google_push=AXcoOmRSgjcT04hT61Inltk7BZyd4W33h7fW6mQNF1WRbwTPOaDDDpg44T2cDUkYSrwkokWcMSdI8dxjkevK1MSPQMsiFER1mvcJYhxh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjlhNzQxNDgtZmIwYi00Yzk2LTk5NzktMmNmYjM3MWRlOGIy&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=1&google_push=AXcoOmRSgjcT04hT61Inltk7BZyd4W33h7fW6mQNF1WRbwTPOaDDDpg44T2cDUkYSrwkokWcMSdI8dxjkevK1MSPQMsiFER1mvcJYhxh

Request Chain 150

https://a.c.appier.net/gcm?google_gid=CAESEJEVOKaC4wcdwWpXy5Gfjec&google_cver=1&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlOQJYfDFiiyRC7pYFbu3L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MlNTMjQ1SGRBcXVGYXlYR2w5VjBaUQ%3D%3D&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlOQJYfDFiiyRC7pYFbu3L

Request Chain 151

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELOyUx-zyj5yyaMqDLdXSpw&google_cver=1&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELOyUx-zyj5yyaMqDLdXSpw&google_cver=1&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=7745023295193812401&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc&google_hm=EjMcBFYxRZGsONsYkxJoGw==

Request Chain 152

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJCBhuH9b3r_XOPjERFaqs&google_cver=1&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HBi6vM_Bm92 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HBi6vM_Bm92&google_hm=eS1fdi4uRHVCRTJwSExHWlZ4aVNGbWNNekhlSkE4WU8wS35B

Request Chain 153

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDk1FzLau9ZyVOUSKg6g1Qo&c_param1=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK

Request Chain 154

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENt_D6jNjxwJ0eoLaNeY48s&google_cver=1&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i_TkR1cSaBNPaIsTNgSJbjSNx HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENt_D6jNjxwJ0eoLaNeY48s&google_cver=1&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i_TkR1cSaBNPaIsTNgSJbjSNx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI5MDYxMzQ1MzU2MjAxOTY4MQ&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i_TkR1cSaBNPaIsTNgSJbjSNx

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKWxQQ0QEOoa24q54HkNZmc&google_cver=1&google_push=AXcoOmRngOVGkiz1jFUsoY6CuWPtORq8F_0SuMacEik_oGp2xUblJet2QHY9211bGSdF7wBhadYlvl5njWaqmRliJ_H8HMeKl2y5SQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhUVmx3QUZ1bDJld2dCZA==&google_gid=CAESEKWxQQ0QEOoa24q54HkNZmc&google_cver=1&google_push=AXcoOmRngOVGkiz1jFUsoY6CuWPtORq8F_0SuMacEik_oGp2xUblJet2QHY9211bGSdF7wBhadYlvl5njWaqmRliJ_H8HMeKl2y5SQ

Request Chain 162

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJFqx8yIFgYxLACOqqSnQL4&google_cver=1&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yEATtEX6jmsiRNx-aeI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yEATtEX6jmsiRNx-aeI&google_hm=hmV01Zde_ZgszMOt8w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6574D5975EFD982CCCC3ADF3BLIS

Request Chain 165

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJFYFdTcrmOv8_eexlFdnpQ&google_cver=1&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJFYFdTcrmOv8_eexlFdnpQ&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg&google_hm=V21hTkVnWEZ5bE12cW9qSVdVWjY=

Request Chain 166

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHVSgLG7pG2Q9Sis7-f5pcg&google_cver=1&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5vhrh1vRjZ8IZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMTU5OTU4MzcyNDU5OTM0MTk&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5vhrh1vRjZ8IZU

Request Chain 167

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEPgFmG0_IWczeVOh-vpFlHo&google_cver=1&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AVpP6EPKS5yj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AVpP6EPKS5yj

186 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request free-online-web-proxy Show response
www.steganos.com/en/
Redirect Chain

https://proxy-us.steganos.com/browse.php
https://proxy-us.steganos.com/index.php
https://www.steganos.com/en/free-online-web-proxy

65 KB
21 KB

691ms
303ms

Document
text/html

194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

03c7f745eb1cf36cc88fd626fb7e6a51ee3127b0c50d99498841e377692fb5ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20694
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Dec 2023 21:01:07 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 09 Dec 2023 21:01:08 GMT
Pragma: no-cache
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 21:01:07 GMT
last-modified: Mon, 15 Jul 2019 01:45:43 GMT
location: https://www.steganos.com/en/free-online-web-proxy
pragma: no-cache
server: nginx
x-powered-by: PHP/8.0.30 PleskLin

GET
H/1.1 200
OK template.css
www.steganos.com/templates/ja_simpli/css/ 211 KB
34 KB 233ms
128ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/css/template.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

5f11e5c21c34d76c6fd734b7d5c9bd1fbf18bd418d0413defdcd96f4aea31a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:30:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "34d95-604afe81d7884-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34461

GET
H/1.1 200
OK custom.css
www.steganos.com/templates/ja_simpli/css/ 21 KB
5 KB 337ms
114ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/css/custom.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

fbbd28acf6b90aa7a60d2b64287e3bc7bd9f461a8537f3de6f1b964dc10aa1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:11:08 GMT
Server: Apache/2.4.56 (Debian)
ETag: "55ee-604afa3779e0b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4344

GET
H/1.1 200
OK jabuilder.css
www.steganos.com/plugins/system/jabuilder/assets/css/ 2 KB
1 KB 335ms
112ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/plugins/system/jabuilder/assets/css/jabuilder.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

3b70807f9f9dc454eac9a09afc51044fb2159ba3ef66cabcadb90bdb4740faf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Aug 2020 07:09:54 GMT
Server: Apache/2.4.56 (Debian)
ETag: "829-5ad9a45f7f480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 803

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 101ms
41ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 21:01:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H/1.1 200
OK cpnb-style.min.css
www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/ 13 KB
3 KB 346ms
112ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/cpnb-style.min.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

2e888ba7b574bba12a58ece7defe1491888fe147636c4e53f42c27aa85ba47f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 03 Dec 2023 23:05:38 GMT
Server: Apache/2.4.56 (Debian)
ETag: "32d2-60ba30a32ef3a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2943

GET
H/1.1 200
OK balloon.min.css
www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/ 13 KB
2 KB 361ms
115ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/balloon.min.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

7e33e9cc8f9710cdf66432edcf19ed0d8a257a7c217ce15500fd8fd64c44b5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 03 Dec 2023 23:05:38 GMT
Server: Apache/2.4.56 (Debian)
ETag: "340b-60ba30a32ef3a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1424

GET
H/1.1 200
OK jquery.min.js Show response
www.steganos.com/media/jui/js/ 95 KB
34 KB 460ms
124ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/jui/js/jquery.min.js?22f9d445b68051c3f4db41231b3587a7

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Jul 2023 14:23:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "17d6e-5fffa7dbd0600-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34137

GET
H/1.1 200
OK jquery-noconflict.js Show response
www.steganos.com/media/jui/js/ 21 B
349 B 457ms
111ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/jui/js/jquery-noconflict.js?22f9d445b68051c3f4db41231b3587a7

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Jul 2023 14:23:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "15-5fffa7dbd0600"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 21

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.steganos.com/media/jui/js/ 10 KB
4 KB 541ms
180ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/jui/js/jquery-migrate.min.js?22f9d445b68051c3f4db41231b3587a7

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Jul 2023 14:23:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "2748-5fffa7dbd0600-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4014

GET
H/1.1 200
OK scrolltotop_jq.js Show response
www.steganos.com/media/plg_system_sl_scrolltotop/js/ 1 KB
925 B 476ms
115ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/plg_system_sl_scrolltotop/js/scrolltotop_jq.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

2e1467831a581bdb5d6f5aa1a1ee5642546f5c5b946ac6b32dbaf6b75941ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Sep 2020 12:28:33 GMT
Server: Apache/2.4.56 (Debian)
ETag: "42d-5aee0970b1e83-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 543

GET
H/1.1 200
OK caption.js Show response
www.steganos.com/media/system/js/ 491 B
718 B 561ms
111ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/system/js/caption.js?22f9d445b68051c3f4db41231b3587a7

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Jul 2023 14:23:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "1eb-5fffa7dbd0600-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 336

GET
H/1.1 200
OK bootstrap.min.js Show response
www.steganos.com/media/jui/js/ 28 KB
8 KB 572ms
115ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/jui/js/bootstrap.min.js?22f9d445b68051c3f4db41231b3587a7

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Jul 2023 14:23:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "71c6-5fffa7dbd0600-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7747

GET
H/1.1 200
OK template.js Show response
www.steganos.com/templates/ja_simpli/js/ 8 KB
3 KB 592ms
116ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/js/template.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

086d203a37f0ad4f271aedd70ecf20b05f8321c95bd333d8b1d36556ff880120

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:30:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "211e-604afe81d97c4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2795

GET
H/1.1 200
OK jabuilder.js Show response
www.steganos.com/plugins/system/jabuilder/assets/js/ 1 KB
1 KB 596ms
115ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/plugins/system/jabuilder/assets/js/jabuilder.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

f99a4ebaa546d6931a1a6b65cacfc907bd56fcc75c55e890c932b1a58ea05e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Aug 2020 07:09:54 GMT
Server: Apache/2.4.56 (Debian)
ETag: "596-5ad9a45f7f480-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 687

GET
H/1.1 200
OK cookies-policy-notification-bar.min.js Show response
www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/js/ 37 KB
7 KB 657ms
116ms Script
application/javascript 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/js/cookies-policy-notification-bar.min.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

1a6463d6789e1caeedeb33dd9eca76f4cc45df9a84317bc76e64a04b9a900eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 03 Dec 2023 23:05:38 GMT
Server: Apache/2.4.56 (Debian)
ETag: "9468-60ba30a32ef3a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7074

GET
H2 200 css
fonts.googleapis.com/ 5 KB
699 B 42ms
39ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:40:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
600 B 54ms
52ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75739866640443463e790b9da519c5919b2061d80834c1b91a67d33ea8b9f4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:45:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
779 B 55ms
53ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:26:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
501 B 55ms
53ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:09:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
795 B 56ms
54ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

162c00636a3468115f1ec9d654bad313f88832ece51480353e996a66f96922a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 21:01:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H/1.1 200
OK 30.css
www.steganos.com/media/ja_simpli/css/custom-styles/ 3 KB
1 KB 254ms
115ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/media/ja_simpli/css/custom-styles/30.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

bfa14e8edd139f81c5ed3ae1fd52f40540412229b1bdb5523bec8989ee3c2eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Mar 2023 13:50:10 GMT
Server: Apache/2.4.56 (Debian)
ETag: "d74-5f7695277bd56-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 928

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 204ms
48ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XFZQ8G3C84

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac6f4fbd57e86b520be41757b90bbef63cfdd6d9584ce2e2353e73ad85df0a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H/1.1 200
OK itsec.png
www.steganos.com/images/steganos/logos/ 6 KB
7 KB 112ms
111ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/logos/itsec.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

17768fa627ba494b9a6660f08c91f89abf2875305a0dd14197911ff770269096

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Aug 2022 10:03:46 GMT
Server: Apache/2.4.56 (Debian)
ETag: "18d4-5e6f9cbeb6480"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6356

GET
H/1.1 200
OK icon_facebook.png
www.steganos.com/images/steganos/icons/ 2 KB
2 KB 116ms
114ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_facebook.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

5191e471eaef30e409577a0db03e92f7d28ea6d496fbab166bcd9c62bed6452a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Sep 2020 16:33:58 GMT
Server: Apache/2.4.56 (Debian)
ETag: "6d4-5ae7f6f7b8980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1748

GET
H/1.1 200
OK icon_twitter.png
www.steganos.com/images/steganos/icons/ 2 KB
2 KB 113ms
112ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_twitter.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

fe04505ed4d0e131ab14e07588bb85a4f42ac3979fe44b4484eea7802fbdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Sep 2020 16:33:58 GMT
Server: Apache/2.4.56 (Debian)
ETag: "805-5ae7f6f7b8980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2053

GET
H/1.1 200
OK icon_globe.png
www.steganos.com/images/steganos/ 1 KB
2 KB 112ms
112ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icon_globe.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

0f786f0c22b2b768c5cd8e7f68d64ea82d290e07fcb11df843ca23ecfb48d698

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 14 Nov 2022 01:13:43 GMT
Server: Apache/2.4.56 (Debian)
ETag: "5fb-5ed63f34cdfc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1531

GET
H/1.1 200
OK buttonrow3_bg.png
www.steganos.com/images/steganos/products/ 4 KB
4 KB 114ms
113ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/products/buttonrow3_bg.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

e519285cef9088bfc255eb75b9732afd29fcd8d276f816f43476cc11bb50e5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Sep 2020 21:59:13 GMT
Server: Apache/2.4.56 (Debian)
ETag: "1008-5aeac36598e40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4104

GET
H/1.1 200
OK webproxy_xmas2023_en.jpg
www.steganos.com/images/steganos/landingpages/ 210 KB
210 KB 117ms
115ms Image
image/jpeg 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/landingpages/webproxy_xmas2023_en.jpg

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

ce07cf72d439d951f7ffa11f7c0b3d82ba32c8cd6ef679d56fd3dc504a6d3591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Dec 2023 14:03:36 GMT
Server: Apache/2.4.56 (Debian)
ETag: "346c9-60bebef0b9e00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 214729

GET
H2 200 5v9uj5dgk0
gen.sendtric.com/countdown/ 23 KB
10 KB 245ms
85ms Image
image/gif 13.224.214.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gen.sendtric.com/countdown/5v9uj5dgk0
Requested by: Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-64.phl50.r.cloudfront.net
Software: /
Resource Hash: 761744cc35ecd53aaba0f8ce484a8e0ec6918789906542923ac3e6c0a3a37b85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: gzip
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: 13940060985180050735
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
x-amz-cf-id: cLxbI2h0TwJi8BV52kTD0RopNbcFI6u6Ed5j5hw8vhJHO2pjK9CnRw==
expires: -1

GET
H/1.1 200
OK screenshot_difference-vpn-and-free-online-web-proxy.jpg
www.steganos.com/images/steganos/landingpages/ 193 KB
193 KB 117ms
116ms Image
image/jpeg 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/landingpages/screenshot_difference-vpn-and-free-online-web-proxy.jpg

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

e706941d2b2d960607454be5f6c1d5567feee2c8d5398f4f5f5f9c77476add49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Dec 2022 16:49:24 GMT
Server: Apache/2.4.56 (Debian)
ETag: "30320-5efcc84cdcd00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 197408

GET
H/1.1 200
OK SOS_right_en.png
www.steganos.com/images/steganos/packshots/home/ 175 KB
175 KB 112ms
111ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/packshots/home/SOS_right_en.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

3161536226ae7304c9253761c41f3236cf579b17efe7031bee7a783f24230457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Dec 2022 01:11:45 GMT
Server: Apache/2.4.56 (Debian)
ETag: "2bc9b-5f0747813f640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 179355

GET
H/1.1 200
OK feature_green.png
www.steganos.com/images/newsletter/ 3 KB
4 KB 111ms
111ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/newsletter/feature_green.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

3560a550deaf2533ab6005ed7f6205ebe7e6671e820dfda56e2c8abea67f1545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Mar 2022 10:52:53 GMT
Server: Apache/2.4.56 (Debian)
ETag: "d97-5d9ef21eacb40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3479

GET
H/1.1 200
OK icon_free-online-web-proxy.png
www.steganos.com/images/steganos/icons/ 10 KB
10 KB 125ms
125ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_free-online-web-proxy.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

eb0c68063f1bc372c96444851ca134452e8fab40255706234100d1d67b885fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Dec 2022 17:23:08 GMT
Server: Apache/2.4.56 (Debian)
ETag: "26e4-5efe11b48f700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 9956

GET
H/1.1 200
OK icon_speedtest.png
www.steganos.com/images/steganos/icons/ 29 KB
30 KB 121ms
120ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_speedtest.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

0deabe04f0a817f10734b5427b3904ca7a94554834b56f283ea9246660b119f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Sep 2023 09:46:32 GMT
Server: Apache/2.4.56 (Debian)
ETag: "75f8-605b3223d6e00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 30200

GET
H/1.1 200
OK icon_wie-ist-meine-ip-adresse.png
www.steganos.com/images/steganos/icons/ 5 KB
5 KB 114ms
114ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_wie-ist-meine-ip-adresse.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

e2ce2097eb60f99395fee7dd2e7f8fcb70c1f2b5fa90c530618db760cea28997

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Dec 2022 00:48:24 GMT
Server: Apache/2.4.56 (Debian)
ETag: "12ff-5efe753aec600"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4863

GET
H/1.1 200
OK icon_spm.png
www.steganos.com/images/steganos/icons/ 17 KB
17 KB 117ms
115ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/icons/icon_spm.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

c499c2bf1d919fa8b55a22cc1fee13c41f637e6704ac242c3a34574ecbb79174

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Mar 2021 10:49:00 GMT
Server: Apache/2.4.56 (Debian)
ETag: "4340-5bebebeefbf00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 17216

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 214ms
55ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5666250300757408

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d2beb101d4a2763ab1b5596b791ba2fd06cd286778e35890554c049305f8af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52043
x-xss-protection: 0
server: cafe
etag: 4406733445450621634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:08 GMT

GET
H/1.1 200
OK rating_5.png
www.steganos.com/images/steganos/ 3 KB
3 KB 117ms
115ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/rating_5.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

1388a8cc7fcbed679913732fdff8ee6dcdff8d96781305123c33c6e2baa15666

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Apr 2022 08:41:08 GMT
Server: Apache/2.4.56 (Debian)
ETag: "c74-5dd3a3013d100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3188

GET
H/1.1 200
OK joomla-fontawesome.css
www.steganos.com/templates/ja_simpli/css/ 92 KB
16 KB 134ms
122ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/css/joomla-fontawesome.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/templates/ja_simpli/css/template.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

1a6091b3872cde7ab31b9f305307bf7a0a313c32afc57b968a70a732c0f7a439

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/templates/ja_simpli/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:30:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "1703e-604afe81d7884-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16318

GET
H/1.1 200
OK font-awesome.min.css
www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/css/ 27 KB
6 KB 215ms
114ms Stylesheet
text/css 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/css/font-awesome.min.css

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/templates/ja_simpli/css/template.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/templates/ja_simpli/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:30:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "6b4e-604afe81df584-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6248

GET
H/1.1 200
OK main_original_2023.png
www.steganos.com/images/steganos/logos/ 76 KB
76 KB 198ms
111ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/logos/main_original_2023.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/media/ja_simpli/css/custom-styles/30.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

9dadc1fb9a45a4f0aeb463bea2b0fa404b82b44fc8f1567e4d46b907b96b3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/media/ja_simpli/css/custom-styles/30.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Mar 2023 16:56:43 GMT
Server: Apache/2.4.56 (Debian)
ETag: "13053-5f80cdc4ec8c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 77907

GET
H/1.1 200
OK header_free-online-web-proxy.jpg
www.steganos.com/images/steganos/landingpages/ 31 KB
32 KB 196ms
114ms Image
image/jpeg 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/images/steganos/landingpages/header_free-online-web-proxy.jpg

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

27d3dc69033cf25086e1617f0c384ca78e868b68d01bf0eac887972addfbb721

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/en/free-online-web-proxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Aug 2023 10:01:35 GMT
Server: Apache/2.4.56 (Debian)
ETag: "7dd5-601edbfb313dd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 32213

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 220ms
76ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:38 GMT
x-content-type-options: nosniff
age: 350370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 19:41:38 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/fonts/ 65 KB
65 KB 208ms
112ms Font
font/woff2 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/css/font-awesome.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.steganos.com/templates/ja_simpli/vendors/font-awesome-4.5.0/css/font-awesome.min.css
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Sep 2023 12:30:20 GMT
Server: Apache/2.4.56 (Debian)
ETag: "10440-604afe81de5e4"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 66624

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 205ms
65ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:04:01 GMT
x-content-type-options: nosniff
age: 302227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:04:01 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
33 KB 171ms
34ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:39 GMT
x-content-type-options: nosniff
age: 350369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 19:41:39 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 157ms
106ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5666250300757408

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae55db58ecb56df26351945eafa085c15e7b16542c5515a162e49c27b3334019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137683
x-xss-protection: 0
server: cafe
etag: 7593437900132857387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:09 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame A01B 9 KB
4 KB 82ms
24ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5666250300757408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:09:21 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:09:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 96ms
38ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XFZQ8G3C84&gtm=45je3bt0v9101405752&_p=1702155668772&gcd=11l1l1l1l1&dma=0&cid=774795937.1702155669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702155669&sct=1&seg=0&dl=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&dt=Free%20Online%20Web%20Proxy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=2100
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XFZQ8G3C84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.steganos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69B0 56 KB
18 KB 825ms
824ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&adk=1812271804&adf=3025194257&lmt=1702155668&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155669055&bpp=8&bdt=954&idt=253&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7001033886283&frm=20&pv=2&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cdc23dd9a7bbe58227e48a147f82e61d766b84483fd99349d1a7b7a2211ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
55ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae26fdf16fdf577c145238f802825fd9fe697bdff6a09960c0ab8894b9d13c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12282
x-xss-protection: 0

GET
H/1.1 200
OK close-icon-20x20.png
www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/icons/ 271 B
588 B 115ms
115ms Image
image/png 194.147.131.26
HSPEED-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/icons/close-icon-20x20.png

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/cpnb-style.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.147.131.26 Berlin, Germany, ASN31276 (HSPEED-AS, DE),

Reverse DNS

web131-26.hspeed.net

Software

Apache/2.4.56 (Debian) /

Resource Hash

ee8dde5c2900afdf35dec739f20a375922142b6f2bdc38c2f89ce734a9129da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/plugins/system/cookiespolicynotificationbar/assets/css/cpnb-style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 03 Dec 2023 23:05:38 GMT
Server: Apache/2.4.56 (Debian)
ETag: "10f-60ba30a32ef3a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 271

GET
H2 200 jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 26 KB
26 KB 38ms
36ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:52:20 GMT
x-content-type-options: nosniff
age: 302930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 08:52:20 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 29ms
27ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:50 GMT
x-content-type-options: nosniff
age: 350360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 19:41:50 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 32ms
32ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.steganos.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:34:40 GMT
x-content-type-options: nosniff
age: 87990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:34:40 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 84ms
84ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

293c74bf5d1cb7b3504548ee1f252f32c7577d5be6a732d1f8b1ae66865ab260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55985
x-xss-protection: 0
server: cafe
etag: 10076606989085564286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D36 50 KB
20 KB 448ms
446ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9c6f3a48458ed918161fc64d41078d54e2f2e4062b7c16a140a86a82382125a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20107
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0A8 52 KB
20 KB 280ms
279ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14934f12bc78b1d3f861aed423d39d63baa1a412518695f017fb8e296e19c616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50DA 51 KB
20 KB 403ms
402ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04bcc0bc52c897d2a6d5e4dcc09f61ecbc5a1e51607063dd4046299ddab3ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FBC1 51 KB
20 KB 430ms
429ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627a12f33dbe51b1b181000b2e878f9e86c0f2742d7c4883c7b03b47a8e135f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20085
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 118ms
42ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 3023 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 84036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 21:40:34 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 21:40:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8F7D 624 B
246 B 80ms
73ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ0Mm01AUYoqGQ_gEwAQ&v=APEucNXhYUba_oMaAGnNOgYNNADaBFyafjkPVDLDV3hTwve2qh79eN2Z9Oz6oNSDpxjb9a02GtC7f1NvDdeZR1cjp40BBBXBxQ

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E5A0 89 KB
31 KB 71ms
66ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1712960/76808492/xbbe/creative/ Frame E5A0 263 KB
80 KB 220ms
119ms Script
application/javascript 52.54.165.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1712960/76808492/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014946280&ias_pubId=pub-5666250300757408&ias_chanId=1&ias_placementId=20804038311&bidurl=https://www.steganos.com/en/free-online-web-proxy&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gdksnNvIKw-h2Epo1NwLJo
Requested by: Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.165.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-165-94.compute-1.amazonaws.com
Software: /
Resource Hash: 1f07f26669c1ba0d399e49cc6e52ef50d9527eb8329200cb711cb463483cff92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E5A0 3 KB
1 KB 34ms
32ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E5A0 20 KB
9 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5A0 202 KB
64 KB 165ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5A0 42 B
63 B 55ms
54ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bt1PyRusb1MutH2qGKYSuWiyw8bElodJ_ZRev5IxoZtaGNtJaMZX91usE3g7ESx1j4sbryjXQyPKNPnBsUVQFzRfOXAneLhkqD5phR8hEEv4tRpiE

Requested by

Host: www.steganos.com
URL: https://www.steganos.com/en/free-online-web-proxy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA14 13 KB
5 KB 27ms
24ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 55073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:43:17 GMT
expires: Sun, 08 Dec 2024 05:43:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D63 829 B
1 KB 114ms
47ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c037e73d354ce83e5351dbb4c86c64003a68146044ef2e1c0011893e0d0ca69

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ktQka28cEO9lgCedjV8hQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.steganos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ktQka28cEO9lgCedjV8hQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:01:10 GMT
expires: Sat, 09 Dec 2023 21:01:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EA14 39 KB
15 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 05:48:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5A0 0
20 B 60ms
57ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9079153128088&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5A0 0
20 B 57ms
56ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9079153128088&version=m202309260101&ct=76&x=1&cor=17804481310323806000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E5A0 16 KB
12 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASbKlceJVzch7i4peGJzeZpQFEuqIInVnsrOEMoOBJwZeDSZpBEOnhUfP4uXpmHmka4nytaN9ODr87ZItw3tSF-o80D1Lej_GZSCVqZ6CVo_SSDt1hvL5hFS99PfAysS1QQLmCrwxqq02CX7g_CBijq9AL3_Mhs0aVswGLglV3CNE6uLY&cry=1&dbm_d=AKAmf-CmC0QUb9v6yS1cV15U3QXnuSR5yUkYgJupYnf5ReEX90JRGCVDzDbnq3vnquDaA16qi62pBKRN3dNYGw-HmJPogUVyzTNbavg2PbQrgpBcv4yH2gDrmPbZtGmjpRiGOZyVP4XE5-m4dUKEhN0qJQF4NZcRji0GI53CJr_QyTiqldijUoHmxyk_bgwntSfSdIk5in7CK94qpDe0iYQqEyLBET7lzu8NG8IMQM_eQUER1fGxiiU1VKdMoz4YGSlFzSubdIf_kj4YiipzWn4GDBpHHisjSFAa9hbQDm5ecYgffWIm9OcNRKuxS_Q9fkwYSQQ7BAhx-cKd4sk0z_1_iNnPYWHhUEHxhvh3o8D_yAUy8UaljOaRSWjKNGxOIoJT6RKYNCUxLZLLR2OQtUcrd3PPq4e3wRJtrRgfITHMwhDzEfcP2ETqozMI2b-mDQiZbcHb_KOm1hbHfQTOgs3GWRUm4XriBjSfbfP9I2lQ_hfQ2j0Lz1ujVU6b7r6q-l0ZwCc_UG8PcjAFOtwxsTNzGpSI_S-0dm4sWTgzVIvReM0WCDqQGEarPOXRCOhbskZR2HhI-24Z2oFGSRmUsDtGukgGc4Yac7i4OfEfZw4v3WbL_OwRnal0q7ce3FR7x6-IJ3huu5EpItArtvUO4EYuhuBDO6gAbLLfKCoTQ7kFbRd9UgVGBYYNoLHqKJ9HIbDLqEkIKVFjJ0dnvl2u5GrekrhACfpt6-13lSILVJqJHuPqNtysMayto_BOX4VYegbwbUCimnPtKIghrY833yl3v6tTtXqvMTJ2BsZVvcO4SL5KX_hmCfkCzm_pvWFFjlQcA6pf_vQmScLOI7ONrOumf0y4gSJJO6kucqJfZ_lA0r9tasLs-N0SIwfkRafuCtCvsS94PvMdjHMeO3WdGiHIgy99wVyHgmabekEfCSTAkJK5jXa-BSudq0V4iJ6jVVzCt2Tb0qUYp0u69zAm0DDJurl2yQwvha2QMxevyzgIKGBZCULi6amD9WUT_wk-ZJNgxPZzVRuqpHAIpzaqz0Cni23C9hFBNZq8pD0d7ZovS8VkEEReNPKICH9EpMRkQyd5LZGQTUe1NMgbpsOKWOajc1qYjrGP8vmNdsFl-jTz2YbmUdwufKmmUIS_XoIc7AZtGm5Hb6EozFDMpWv5LaM1z5qwKDMKAqSWhFauee998iXnD4mtsVxvAED9O5vzHrtK3y_ZfwQKlAGJ9m9HlSsSMqhaSjGOJl9FwvId4p4X1914ZmU7cedPtvm3v19dGvoQv3xhGxfZq5iCr3b8d8taDu1oLgJPjdPDU69dM-SXL5-N9OV42U9ilY69iW7vyWuJsjog5kxXXeBPiGik4HtFUIsf_mc4UqeAxRzKYn3qb0uKvY5zyPtr4hLO2rSfAE1n9gI1LlDKz9-CY2H2Kig_csjcQOxbkKk7X0ZbAPI7wbFhJxskuaUGjy212Qu-vzKBXS-DGggItuW8NqpyR7M-XtwVJFylwJGu5SehFdBCAPcX1crUlS7VsHsAJzxEPV_Y3he45mob5PSUlGxfxsKUQ1NmePBSy7HKpXjWLzmmUy1kLGGdt0fnC498QwkYPYpd0lwA2axGMFDb3tsLsGfMGcy4wdstPmWm46LAOTx_fFk48goUFVna-xE_ZbgjZhT5Bh37hTScLfddyahSQ1p86Y8DIu4pe-Yg--YGmuhTK-0J7R2X1Xw3nhuP4GUgxWad3tUKaOdtulo1dPDvWJsWsIOnBVInhVNAYm4fOMotspuU32gn1q7rMQTaqDt3XjFYB7V0Hm8McaEDOmA7EiDCeIhj8t_Iypkwq1CRztGSzgX4TrfYWv4Tq7fKchO01Tpxufk5JDkEtEGUs6FJ6KDnZmacsmltmNpMa7nAnwUh-A6ocX8GaxciGLNShTiAG3TaqWFocBnFCz3mBRKCcKrKOETP-MGPUWLEq4-sOShp09XK0_3fHa9WvmE2C9egADZ4sUcuKqy438Kksmw3ZuFkblbr2nZfjOTz9M5TU_ylDtctS58kpkrSHDOJWB37bRJNEWsQw1OnnJYNDXGHtX4o2lCyj_d3XGGNyZ05pfx9qEleKy2mCY85t7szc_klCieSP2l-6Jt6NLHAxa3p4gn22Q92lL2BzN4jKXGCyQUvSZ4glUmV0x_S6iFTrFPOHXF2VR9e-uCicoXf7WgUX-g5s6_CByfIm1eB4540qDIx_iRSM97ti8U-XkGTlh5EvdfQWk-q2cRio8MnH5FXeElVqpm8IYVsP1GVr2_ScOU-2G6cZY-D8jKjwtKrpoCHJF3Mrj-E622hQvAN7BI4sflySlXQ_KYSImp8jb0hTowq4kizRTEMjDOr8eLdDXI7_rSgQuvnhuUHjslJJhyEmskNr1ihgMlFPsg-rY26Tu3qlGn4h4OpFr_QK237vCDrtV6BruoU9ATL57HmLknec9FyiVM4oY5nmLZjB53G7jARRM9SiP24qEtUF-P1z5e9pJQPGfsO82vThWJZamq0KwkJXrVNfd5oPTgLHJ32C6FIg_BBim6xvNpGYXW6ug_hGE_Pp5Z3iokkLji09De20qZ1kKi2yDq5TFuHeboHIJTVf6dSSbE3cP8Q3lXHqjKtp4pBgUt12xDzrg_HDHYAi5r6tiKYHCBdCRpq0ego_yTOtPdGuY3bfuhckdrQn6bboIEuBlaftX0hg_dr55nBIdixDTEh-rXwSD1wqk9ROBQu34hb5TpclS7tkntyJfMzCSsFnxr4ix84us4ZFhoAz4GbLgeVNDUzHZ3DvZPwf1rQB8on9tuEzm3sdZhPBXgoLKCATfZLzBhdFbGNnrGvj4LefbM5rXF0zYGZ7ydY4gr1lAZJ8IwNdMbFskQzhdgR9KJVVRCKeLrddxFNp2SrMO4SceJ7PB8ijkwdt0QSvkgM-CkZIhyOJ6_EoeIWI8hUFRc_Z1brxotnm1L25I09msJ9BvuZOcnJz4qqc6XdS6SGiFylCerhjaB635hWJOFUa12u5LZtF5l3ap2aJARrfoe3lHVKahGXpfLGR1U0JsRR9CJujSx580db58BoNRmskrEKB1TgZRjKJVcp4RK5aVKOi_ouAa6S73cdPmfTxIrMgjTZ9hqrNgOgMyPkytkKVWfcAuJ7uNKy&cid=CAQSTwDICaaNgbt9hVE4gA4wcgv3HURKFYHsKnbsuqk8HO3-WCdc_ib6SQ-YONJd-tZTw9sdbwHl5sTvkOiGBfnirdVFZs-mlWYrJ2PZhb0uJPoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.steganos.com%2F&ds=l&xdt=1&iif=1&cor=17804481310323806000&adk=521587873&idt=77&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee10f11fe1e05e4dbbc22741d233591988784985255955730420db4d550397d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8F7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENThWA-XX4c2J_WI5cTPkM&google_cver=1

43 B
339 B

68ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENThWA-XX4c2J_WI5cTPkM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ0Mm01AUYoqGQ_gEwAQ&v=APEucNXhYUba_oMaAGnNOgYNNADaBFyafjkPVDLDV3hTwve2qh79eN2Z9Oz6oNSDpxjb9a02GtC7f1NvDdeZR1cjp40BBBXBxQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmDz94e%2FrYOCsokkp232FF1SRcCF4pWUdZyarINSXc8Xw96sU%2FebfrUTDAYR37AqpRch2CCnPJLcmT7FuMqKF17%2F8oKrFP%2F54wnpOifMRKZxUbmQKtCk7KVh8KZvCFzGv0yUSjL3Qux1PA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83302e8d980fa22e-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEENThWA-XX4c2J_WI5cTPkM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8F7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTVloHzDnfIK2.ncyqB9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGADtK87yobD5v8DX4n0DR0&google_cver=1&google_hm=2

43 B
771 B

67ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGADtK87yobD5v8DX4n0DR0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ0Mm01AUYoqGQ_gEwAQ&v=APEucNXhYUba_oMaAGnNOgYNNADaBFyafjkPVDLDV3hTwve2qh79eN2Z9Oz6oNSDpxjb9a02GtC7f1NvDdeZR1cjp40BBBXBxQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdsxIYb8stCjRGGT%2F4h2DHRgXmvIiIrMmgljpFuXwOf3e3h9Ot603rTlhHeyH%2FYQMBnhEe4m%2FGt5tVtW0U5%2B2wcx2HcuP%2BxMfaINwUqrtXsBWLGtXy%2FGlh7IIa3XsaZhAfhnU7JBEPoVjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83302e8e69eba1e4-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGADtK87yobD5v8DX4n0DR0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8F7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB2W35FAxoyRN-w-UiqyPgU&google_cver=1

43 B
838 B

35ms
31ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB2W35FAxoyRN-w-UiqyPgU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ0Mm01AUYoqGQ_gEwAQ&v=APEucNXhYUba_oMaAGnNOgYNNADaBFyafjkPVDLDV3hTwve2qh79eN2Z9Oz6oNSDpxjb9a02GtC7f1NvDdeZR1cjp40BBBXBxQ

Protocol

Server

68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
an-x-request-uuid: 5bc35272-8f5d-4e31-9826-c463ec750916
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.45; 96.9.249.45; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB2W35FAxoyRN-w-UiqyPgU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8F7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3ODMyODgwMzMwMDc3NTMwOQ%3D%3D

170 B
243 B

60ms
36ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3ODMyODgwMzMwMDc3NTMwOQ%3D%3D

Requested by

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
an-x-request-uuid: 3539a5d0-3560-45ad-a5df-b42276955ba6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3ODMyODgwMzMwMDc3NTMwOQ%3D%3D
x-proxy-origin: 96.9.249.45; 96.9.249.45; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame B0A8 105 KB
39 KB 128ms
41ms Script
application/javascript 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1418
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPpxQtTfCSyPOb_enn-BbE9QJRdmfeaoA7RqjtHSzqUaQGS0ttPVF6k_k26tLPbZscwTlpR1YFlaPQ4LsgRnuVpcMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKj8%2BocAhR4OSRBv0tl5KPZqCEQV2eLn6SW4wsMofA5joTBFrhd9RE9qhlKPmzAmC4X2Eshp3sQposM2Ujj%2FNwSA8%2FyDuC95V7GMCjq2x9NC0SBsX4F%2BRRgNh%2BrZ%2FuVwy42eK2PHYThwvXXunA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 83302e8d9b784bd3-BUF
expires: Sat, 09 Dec 2023 21:08:25 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame B0A8 12 KB
4 KB 121ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2626
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPotqeZsepELF5aFka9N-itjmDYcB7OBwXhmEWO2vp5olJFYra3CUcN8ZFHEBZvrlHA7q7fmDhtUZROJ0_PhsvzSIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9CrjTP%2BQSceY0dQvJQLOJdCb2kh9APUvwJbCQNH81JhFGyq6JkrM06tMHbYMyMqPIHdWR%2FxelYacCIJVS3s3kGCAs6Ph6B6ghieNIXGICM1%2FkBQ0gnnWBnN8O382bQeec5JfLqfKKd49A4R2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 83302e8d9cc84bc1-BUF
expires: Sat, 09 Dec 2023 21:09:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame B0A8 3 KB
1 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame B0A8 20 KB
8 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B0A8 0
0 45ms
42ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGcZwpKTy4LoCTvN-PHHibopV2SPq0CdeGykuUcLQzBVsPRIUk3TC33dwYkZBB-4ZkMwWxlER-26cHSwSxeySyQdRT_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0A8 202 KB
64 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E5A0 41 KB
14 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASbKlceJVzch7i4peGJzeZpQFEuqIInVnsrOEMoOBJwZeDSZpBEOnhUfP4uXpmHmka4nytaN9ODr87ZItw3tSF-o80D1Lej_GZSCVqZ6CVo_SSDt1hvL5hFS99PfAysS1QQLmCrwxqq02CX7g_CBijq9AL3_Mhs0aVswGLglV3CNE6uLY&cry=1&dbm_d=AKAmf-CmC0QUb9v6yS1cV15U3QXnuSR5yUkYgJupYnf5ReEX90JRGCVDzDbnq3vnquDaA16qi62pBKRN3dNYGw-HmJPogUVyzTNbavg2PbQrgpBcv4yH2gDrmPbZtGmjpRiGOZyVP4XE5-m4dUKEhN0qJQF4NZcRji0GI53CJr_QyTiqldijUoHmxyk_bgwntSfSdIk5in7CK94qpDe0iYQqEyLBET7lzu8NG8IMQM_eQUER1fGxiiU1VKdMoz4YGSlFzSubdIf_kj4YiipzWn4GDBpHHisjSFAa9hbQDm5ecYgffWIm9OcNRKuxS_Q9fkwYSQQ7BAhx-cKd4sk0z_1_iNnPYWHhUEHxhvh3o8D_yAUy8UaljOaRSWjKNGxOIoJT6RKYNCUxLZLLR2OQtUcrd3PPq4e3wRJtrRgfITHMwhDzEfcP2ETqozMI2b-mDQiZbcHb_KOm1hbHfQTOgs3GWRUm4XriBjSfbfP9I2lQ_hfQ2j0Lz1ujVU6b7r6q-l0ZwCc_UG8PcjAFOtwxsTNzGpSI_S-0dm4sWTgzVIvReM0WCDqQGEarPOXRCOhbskZR2HhI-24Z2oFGSRmUsDtGukgGc4Yac7i4OfEfZw4v3WbL_OwRnal0q7ce3FR7x6-IJ3huu5EpItArtvUO4EYuhuBDO6gAbLLfKCoTQ7kFbRd9UgVGBYYNoLHqKJ9HIbDLqEkIKVFjJ0dnvl2u5GrekrhACfpt6-13lSILVJqJHuPqNtysMayto_BOX4VYegbwbUCimnPtKIghrY833yl3v6tTtXqvMTJ2BsZVvcO4SL5KX_hmCfkCzm_pvWFFjlQcA6pf_vQmScLOI7ONrOumf0y4gSJJO6kucqJfZ_lA0r9tasLs-N0SIwfkRafuCtCvsS94PvMdjHMeO3WdGiHIgy99wVyHgmabekEfCSTAkJK5jXa-BSudq0V4iJ6jVVzCt2Tb0qUYp0u69zAm0DDJurl2yQwvha2QMxevyzgIKGBZCULi6amD9WUT_wk-ZJNgxPZzVRuqpHAIpzaqz0Cni23C9hFBNZq8pD0d7ZovS8VkEEReNPKICH9EpMRkQyd5LZGQTUe1NMgbpsOKWOajc1qYjrGP8vmNdsFl-jTz2YbmUdwufKmmUIS_XoIc7AZtGm5Hb6EozFDMpWv5LaM1z5qwKDMKAqSWhFauee998iXnD4mtsVxvAED9O5vzHrtK3y_ZfwQKlAGJ9m9HlSsSMqhaSjGOJl9FwvId4p4X1914ZmU7cedPtvm3v19dGvoQv3xhGxfZq5iCr3b8d8taDu1oLgJPjdPDU69dM-SXL5-N9OV42U9ilY69iW7vyWuJsjog5kxXXeBPiGik4HtFUIsf_mc4UqeAxRzKYn3qb0uKvY5zyPtr4hLO2rSfAE1n9gI1LlDKz9-CY2H2Kig_csjcQOxbkKk7X0ZbAPI7wbFhJxskuaUGjy212Qu-vzKBXS-DGggItuW8NqpyR7M-XtwVJFylwJGu5SehFdBCAPcX1crUlS7VsHsAJzxEPV_Y3he45mob5PSUlGxfxsKUQ1NmePBSy7HKpXjWLzmmUy1kLGGdt0fnC498QwkYPYpd0lwA2axGMFDb3tsLsGfMGcy4wdstPmWm46LAOTx_fFk48goUFVna-xE_ZbgjZhT5Bh37hTScLfddyahSQ1p86Y8DIu4pe-Yg--YGmuhTK-0J7R2X1Xw3nhuP4GUgxWad3tUKaOdtulo1dPDvWJsWsIOnBVInhVNAYm4fOMotspuU32gn1q7rMQTaqDt3XjFYB7V0Hm8McaEDOmA7EiDCeIhj8t_Iypkwq1CRztGSzgX4TrfYWv4Tq7fKchO01Tpxufk5JDkEtEGUs6FJ6KDnZmacsmltmNpMa7nAnwUh-A6ocX8GaxciGLNShTiAG3TaqWFocBnFCz3mBRKCcKrKOETP-MGPUWLEq4-sOShp09XK0_3fHa9WvmE2C9egADZ4sUcuKqy438Kksmw3ZuFkblbr2nZfjOTz9M5TU_ylDtctS58kpkrSHDOJWB37bRJNEWsQw1OnnJYNDXGHtX4o2lCyj_d3XGGNyZ05pfx9qEleKy2mCY85t7szc_klCieSP2l-6Jt6NLHAxa3p4gn22Q92lL2BzN4jKXGCyQUvSZ4glUmV0x_S6iFTrFPOHXF2VR9e-uCicoXf7WgUX-g5s6_CByfIm1eB4540qDIx_iRSM97ti8U-XkGTlh5EvdfQWk-q2cRio8MnH5FXeElVqpm8IYVsP1GVr2_ScOU-2G6cZY-D8jKjwtKrpoCHJF3Mrj-E622hQvAN7BI4sflySlXQ_KYSImp8jb0hTowq4kizRTEMjDOr8eLdDXI7_rSgQuvnhuUHjslJJhyEmskNr1ihgMlFPsg-rY26Tu3qlGn4h4OpFr_QK237vCDrtV6BruoU9ATL57HmLknec9FyiVM4oY5nmLZjB53G7jARRM9SiP24qEtUF-P1z5e9pJQPGfsO82vThWJZamq0KwkJXrVNfd5oPTgLHJ32C6FIg_BBim6xvNpGYXW6ug_hGE_Pp5Z3iokkLji09De20qZ1kKi2yDq5TFuHeboHIJTVf6dSSbE3cP8Q3lXHqjKtp4pBgUt12xDzrg_HDHYAi5r6tiKYHCBdCRpq0ego_yTOtPdGuY3bfuhckdrQn6bboIEuBlaftX0hg_dr55nBIdixDTEh-rXwSD1wqk9ROBQu34hb5TpclS7tkntyJfMzCSsFnxr4ix84us4ZFhoAz4GbLgeVNDUzHZ3DvZPwf1rQB8on9tuEzm3sdZhPBXgoLKCATfZLzBhdFbGNnrGvj4LefbM5rXF0zYGZ7ydY4gr1lAZJ8IwNdMbFskQzhdgR9KJVVRCKeLrddxFNp2SrMO4SceJ7PB8ijkwdt0QSvkgM-CkZIhyOJ6_EoeIWI8hUFRc_Z1brxotnm1L25I09msJ9BvuZOcnJz4qqc6XdS6SGiFylCerhjaB635hWJOFUa12u5LZtF5l3ap2aJARrfoe3lHVKahGXpfLGR1U0JsRR9CJujSx580db58BoNRmskrEKB1TgZRjKJVcp4RK5aVKOi_ouAa6S73cdPmfTxIrMgjTZ9hqrNgOgMyPkytkKVWfcAuJ7uNKy&cid=CAQSTwDICaaNgbt9hVE4gA4wcgv3HURKFYHsKnbsuqk8HO3-WCdc_ib6SQ-YONJd-tZTw9sdbwHl5sTvkOiGBfnirdVFZs-mlWYrJ2PZhb0uJPoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.steganos.com%2F&ds=l&xdt=1&iif=1&cor=17804481310323806000&adk=521587873&idt=77&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 07:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 07:11:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D63 0
0 53ms
52ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=349913210538938&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA14 0
10 B 25ms
24ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?48svRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 318B 38 KB
13 KB 31ms
30ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 237917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 02:55:53 GMT
expires: Fri, 06 Dec 2024 02:55:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 50DA 105 KB
39 KB 47ms
32ms Script
application/javascript 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1418
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPpxQtTfCSyPOb_enn-BbE9QJRdmfeaoA7RqjtHSzqUaQGS0ttPVF6k_k26tLPbZscwTlpR1YFlaPQ4LsgRnuVpcMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbUpNBo7IWiJzIlELVp1UyiSjDGMTrcli5oHkiMNQfMD8FBle2Cvtv5Kwc0TXWhr4M43sUDwTURyQI9cTqYY%2BK7zcBk6%2F59nCNVEo%2F1X%2FDmNtFNaj7YLvVAPTFMakx6xALjngv%2BOQmLxE%2F9Bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 83302e8e0b984bd3-BUF
expires: Sat, 09 Dec 2023 21:08:25 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 50DA 12 KB
3 KB 48ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2626
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPotqeZsepELF5aFka9N-itjmDYcB7OBwXhmEWO2vp5olJFYra3CUcN8ZFHEBZvrlHA7q7fmDhtUZROJ0_PhsvzSIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK%2FMfNnyfbBEnGqzPQSw0c8%2BeLoen8tMF9hjvwZE1rCdG3tUT0cLKnrOyGuTOUPklTC8t1yT4QKQ5F4qar6LnCiLRa3jLv7iXg78hJDXbMUnh3%2BiEtMJe5t3W52TORey2rjN5pUgWA34Z%2FNbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 83302e8e0ced4bc1-BUF
expires: Sat, 09 Dec 2023 21:09:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 50DA 3 KB
1 KB 30ms
28ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 50DA 20 KB
8 KB 31ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 50DA 0
0 52ms
45ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTz5zqJonYVybbe-kYGNBulZ3tT3T4RQIfSxn1ViJOnq7c3BNTCWGFf1bf51tXlYr3v3Q7RO0DlbXZgfmK7eQBAI5czuQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50DA 202 KB
64 KB 55ms
42ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame E5A0
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1712960/76808492/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPO...

60 KB
22 KB

155ms
71ms

Script
text/javascript

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_xappb=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

1c012f50123281aa8e7f0c217e23e4eecf036f6cb3d68e09ed1398926b9dae37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21641
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
server: nginx
x-server-name: app30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A7AC 91 KB
23 KB 138ms
39ms Script
application/javascript 2600:9000:25c8:fa00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f300b5f0c0ff51593fb31953294424c0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 11381731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Sk-QMlx2p-AWQn2JlIMzCJ3f_XsNwG5U7XlmlEHc7ksoFuWE2p1DKA==

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 8D36 105 KB
39 KB 41ms
36ms Script
application/javascript 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1418
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPpxQtTfCSyPOb_enn-BbE9QJRdmfeaoA7RqjtHSzqUaQGS0ttPVF6k_k26tLPbZscwTlpR1YFlaPQ4LsgRnuVpcMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whZRyjpG%2BEu43UJXHc64N0xBMJhJ60pstCJTn3TSpn%2Fkl9rcrhpP2c8Tw0KLlZifbQYHNRpKBV4iTqNuMP2x08%2FUabRfo7WNjl3EN18ySDmZKctnU2Ad8OqEbLtAv3P%2FGChw%2FnVVAs7EKzhgbg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 83302e8e8bad4bd3-BUF
expires: Sat, 09 Dec 2023 21:08:25 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame 8D36 12 KB
3 KB 37ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2626
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPotqeZsepELF5aFka9N-itjmDYcB7OBwXhmEWO2vp5olJFYra3CUcN8ZFHEBZvrlHA7q7fmDhtUZROJ0_PhsvzSIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Zw%2FWX1BpChf4hCC52ijKd7319gT5M1FFVgtB0RfO7i0b3J%2FLkBCOqMqDuGVr7Cj9xAMva3sIB3ufTCohv6gs3BkPXM6fctVONWw5UftDe%2FSsneielxNpuVw4ACPIP228JpIYhTyrPHKBlZZ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 83302e8e8d074bc1-BUF
expires: Sat, 09 Dec 2023 21:09:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 8D36 3 KB
1 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 8D36 20 KB
8 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D36 0
0 45ms
43ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSv0VEYl9pNUsuXdp8AtDviF8IFUgdJHoueDpIq8VseEFhY4lYJY4QSbrLwLYwAeCm4lOpo7hPBGANK11EF9vDdkFk1iA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D36 202 KB
64 KB 77ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H2 200 index-08bee3b1.js Show response
cdn.rtbrain.app/ng-assets/creative/assets/ Frame FBC1 105 KB
39 KB 37ms
32ms Script
application/javascript 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1418
cf-polished: origSize=107390
x-guploader-uploadid: ABPtcPpxQtTfCSyPOb_enn-BbE9QJRdmfeaoA7RqjtHSzqUaQGS0ttPVF6k_k26tLPbZscwTlpR1YFlaPQ4LsgRnuVpcMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 14:16:01 GMT
server: cloudflare
etag: W/"eb3bd05687aff47dc216f3861993307b"
vary: Accept-Encoding
x-goog-generation: 1701958561063690
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uVi5mA==, md5=6zvQVoev9H3CFvOGGZMwew==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldv0rwlRwKMATH7Ot0WsqljXdVohRDbDzEBOVRiibbgX515j9St4czf0jBQX%2F00JgBjKDaqoi2JSdjuB%2FL8EQrxnxub0js9Bxdyv%2Fd1gEl%2BYH3bSsGR0Ctm%2FQCp2w6cYBRlOMNwbGMowjw6Pww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107390
cf-ray: 83302e8e9bb54bd3-BUF
expires: Sat, 09 Dec 2023 21:08:25 GMT

GET
H2 200 index-af5b3122.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame FBC1 12 KB
3 KB 37ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2626
cf-polished: origSize=12801
x-guploader-uploadid: ABPtcPotqeZsepELF5aFka9N-itjmDYcB7OBwXhmEWO2vp5olJFYra3CUcN8ZFHEBZvrlHA7q7fmDhtUZROJ0_PhsvzSIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:44:13 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqHTVLoRw11Ob2bP4EtligD4vWML7%2B5VsQYPwFLSh%2FnxmDaDJNb4py7RZkx9B4o2ZC41I0yXyKNbEEEY58PnGdtLeUqO0%2Fu3hJNdyCygquZZ2jlDa5OvBYVZ6hinYdWh9Q0oJz7Psbair1eeAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 83302e8e9d104bc1-BUF
expires: Sat, 09 Dec 2023 21:09:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FBC1 3 KB
1 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:34:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FBC1 20 KB
8 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBC1 0
0 44ms
42ms Image
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVSO52nyEzHPzBM-x8jAEGYFteqHTaQKRiu_oDZH4dIUaHQiPUCJewrsnq0l-EgJVd_HtGlj0ASZ4wB_qYSbS5vVz5oQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBC1 202 KB
64 KB 100ms
99ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:01:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 316ms
105ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqcU2,pingTime:-3,time:94,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:95,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B86~0%5D,as:%5B86~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:28%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 294ms
90ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqcU8,pingTime:-6,time:100,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:28%7D&tpiLookup=ao:www.steganos.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A43 1 KB
643 B 28ms
25ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:35:22 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 07:35:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B0A8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 537d7bdc085d85c226d1d9c180e4de28f7450d421b2e7ee3055aad02bddf6357

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
216 B 198ms
89ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqcVH,pingTime:-2,time:197,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:308,beZ:310,mfA:314,cmA:315,inA:315,inZ:319,prA:320,prZ:329,si:336,poA:338,poZ:365,cmZ:365,mfZ:365,loA:408,loZ:411,ltA:506,ltZ:506%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:198,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:28,sinceFw:168,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 11E5 1 KB
643 B 25ms
24ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:35:22 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 07:35:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 50DA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c76fb8298f86291bf287540029811cceb58447f5c6154aebfead3c22817c1f7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 318B 39 KB
15 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 05:48:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CCF8 1 KB
643 B 27ms
26ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:35:22 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 07:35:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8558 1 KB
643 B 26ms
24ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:35:22 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 07:35:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D36 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1a1f1928dc29d07aa59110f6818861ee43b9c09209a615edb2219ca4d0ac5b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FBC1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5669e7c481146be8ad297c0c4351a5daea4ab74226f6ee8d32dfab79c8c9706

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A43
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_cver=1&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bp...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5d258391cc3f051c&is_secure=true&networkId=14000&version=1&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_cver=1&google_push=AXcoOmRqIANl...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABg6CNUpwtfQNhNygYAAAAAAA&expiration=1702242071&google_cver=1&is_secure=true&google_gid=CAESEOufR3LdKxSCwQ6cL13Mw...

170 B
188 B

44ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABg6CNUpwtfQNhNygYAAAAAAA&expiration=1702242071&google_cver=1&is_secure=true&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bpDKu4fMczPK9X4XKKfuU43YznAr3MM-AAQeIn_OVY2ntD3T2oaMOeTz5vqgogpW8qPvfO7fHwLr_nGjSTYvOkaGyhjhA

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABg6CNUpwtfQNhNygYAAAAAAA&expiration=1702242071&google_cver=1&is_secure=true&google_gid=CAESEOufR3LdKxSCwQ6cL13MwsA&google_push=AXcoOmRqIANlZ52zyqADDN5-T5t6-FSoVezrQ0lNCaNLTWcDxo647bpDKu4fMczPK9X4XKKfuU43YznAr3MM-AAQeIn_OVY2ntD3T2oaMOeTz5vqgogpW8qPvfO7fHwLr_nGjSTYvOkaGyhjhA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1A43
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnU...

43 B
399 B

125ms
103ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83302e91b9204bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 67
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEr1CtU3hBkyxjLzivq33cw&google_cver=1&google_push=AXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5dNpYXoKVtxjw2pJ0yAhH6nEYBx-ysNm_43_1XFvRdxcuNqufXMMq2Ixu-FsNuZyEPMTbbcY-X7C5dr3he0eGW1qjJnUmY1p_BFFo_sa7d5npngNT9YPjLLqf2wr3YH9828tW0TR_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83302e90c8df4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A43
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGQnpTV7VbCQQ-rFpjUQEQY&google_push=AXcoOmRpXZ4gqIp02mNjdHS2fwH7u60vbYC2HlzD4kAu8xakiQv2FDn54H...

170 B
188 B

47ms
46ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGQnpTV7VbCQQ-rFpjUQEQY&google_push=AXcoOmRpXZ4gqIp02mNjdHS2fwH7u60vbYC2HlzD4kAu8xakiQv2FDn54HffSrs2JEQYDcsIpUSZAdn7z0jkis-ySdNCpKVO-eHC439bKOhuf1XtCyrmpkERUiD1-HArU1Izqf4XNRr7t_pMEw

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4540-YYZ
pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702155671.169377,VS0,VE22
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGQnpTV7VbCQQ-rFpjUQEQY&google_push=AXcoOmRpXZ4gqIp02mNjdHS2fwH7u60vbYC2HlzD4kAu8xakiQv2FDn54HffSrs2JEQYDcsIpUSZAdn7z0jkis-ySdNCpKVO-eHC439bKOhuf1XtCyrmpkERUiD1-HArU1Izqf4XNRr7t_pMEw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1A43 43 B
363 B 109ms
31ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSaN_kT4i_buHMBn0dewOToEXTIbMziaqPHVRM-7LcYAvSpZYGmnD7kyV1LRR-CX5UmPz-Hx7OXeh5gPrfXgL77GKapAOSIosPKetPiVoMdg0qXH18rVUI6CCD8mq7AObG9a0Bc-ujj1Q&google_gid=CAESEFIWlVtGZMbojigScmQRtGI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 332636
expires: Sat, 09 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A43
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDaULj4m5bNrydFSZS_GJPg&google_cver=1&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVm...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVmgEvPhCAystBqjp51aT7OsngabP4...

170 B
188 B

42ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVmgEvPhCAystBqjp51aT7OsngabP4RCe_82HqraGX04-XFbuVr8FCg&google_hm=Nzc0NTAyMzI5NTE5MzgxMjQwMQ==

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSS_57DnZHyaGidfH7Dfc8YrpCJNe2qacnEt-ZLjkj2Qh0k-Z0MjaDtdB-U28Pt45OA9kyy9xWKJrVUg6e-ppC2dVmgEvPhCAystBqjp51aT7OsngabP4RCe_82HqraGX04-XFbuVr8FCg&google_hm=Nzc0NTAyMzI5NTE5MzgxMjQwMQ==
Date: Sat, 09 Dec 2023 21:01:11 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 1A43
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEKcLSTi8adOmoHmjdHCv0Qs?ext-param=AXcoOmRlBCnJymxF_H9aVNKVzwXOTFqgwD9L7lAXkRDwP9FX-FCRH4BXHRYKbEPtgjoPRw_syrN0bLv-0OWU7t-IWffv5pt9RiQEu6726AnKXZ9y_uvAlnj_OXp5...
https://an.yandex.ru/mapuid/google/CAESEKcLSTi8adOmoHmjdHCv0Qs?redir-setuniq=1&ext-param=AXcoOmRlBCnJymxF_H9aVNKVzwXOTFqgwD9L7lAXkRDwP9FX-FCRH4BXHRYKbEPtgjoPRw_syrN0bLv-0OWU7t-IWffv5pt9RiQEu6726AnK...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKcLSTi8adOmoHmjdHCv0Qs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

153ms
152ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 23 Nov 2024 21:01:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A43
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEIoRJfCnUdifS_HSmeQIekQ&google_cver=1&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5eVRbRFbjqwxYRNfE_m9NKpP4c6mI...

170 B
188 B

61ms
58ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5eVRbRFbjqwxYRNfE_m9NKpP4c6mIsInpSdkTG5TnkMSxozXyng&google_hm=81fa84b7df61f537184vao00lpyjjdlk

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQUQAVYhxcTHgDCHUIPG-h3BSHcZpeEYFQdrWRhuxXcNsEqqllzWRW8XtIkZTibM_Fr7nIwK-n4_EE6FK2wrjjS8mbh5eVRbRFbjqwxYRNfE_m9NKpP4c6mIsInpSdkTG5TnkMSxozXyng&google_hm=81fa84b7df61f537184vao00lpyjjdlk
date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A43 0
12 B 42ms
40ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlU6847J6PV43-x9IuyCK2MDKCHOHLCpOiZJ0eplJShPFccvZL2Z5pej1VFUMLLwUTO5y0Zs8x

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0A8 0
19 B 72ms
69ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfTHHltV0ZZCeEqDNoPMP0f2UkAuLv4iuZvG66fX_DsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU2NjYyNTAzMDA3NTc0MDjIAQmoAwHIAwKqBOcBT9CFNDzHASqK_Jr87vktcasKIYbDYT3uLmPLJTyX33R4bnhK6gHnq4zagiNS4-_98_q4Nu1GGCh63msN9LCns3tt_DHf0EZR1cuAEgLsuY-zsqVqt6ABKVY57qWJVgOp0ZkL_gde5zHdMRhk3_oxQt0JiZEUSA7sQTGZM7YLzJNfGFM-ZJmNvcp-6LRj596SyLh32iRzfOoa_Q-fd4E-5bn8UM6jI-D66cLZzV1cTf2zLQYKL4jOJCnsjkjbrHCsMGKm2VxFrH-1NTay1wyuBMI19WNe_haXOg7mv6MpTZrdQIB-zYycgAaZvYO7rt3vzdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOlitnNKAoIODA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjY2MjUwMzAwNzU3NDA4GAA&sigh=a95WHPjzL44&uach_m=%5BUACH%5D&cid=CAQSPADICaaNKSjBmmcDvunTdT7wmJmhUUFATj2P1J0PAXjZtzHl4E8ShZ9CN2J4SDRt73s_qNS5_9t1hp-j1RgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame B0A8 0
607 B 195ms
93ms Image
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=145b3554-96d6-11ee-8d63-4e1a27dfad13&d=www.steganos.com&cr=ext_ng_start_ghst8&gid=CAESEP1R1Xgr1iSMrh7KJ9HfVDk&a=imp&p=ZXTVlgAEjxAIaCagAAU-0ft7buF9yJCcmFplDw&im=onVvskQMc7Bququ5vGf9_tR9uSi0UHm8gK5T-Z5G02bKDKfwE6cWWDJSLF5Hff9svKu72oGY_c5iG2oJ-B3Q4IPgETwBATO3pKxSZ6XErQmn-0xYUtn5_0laZix7gH5k85OUOqNzvgZmBiHFGufNnTfOyo5ZzB4N_yyN06XAU0EMtYZqM9kPH4NXqvwXPQTYW9QJlozBz9N0Mi6DfshbfGh66lCkojdKYXkQKGzN2RKzpiYH_rldtlQ93jP6wh2JqnEZ-MBQk2cJH7MuUOa8rRCDb5TkXtjpiMq8-KBVDXiMI_xRvIrFiLkXq3TftYmO7HKQyvdPA0aoIOwyjbrUbI9dkn-VyheAlEjUjkqyuqo&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eux9dJ2ZShaThxf1ZdKHjQvqQB9Ae%2FLgdfBFLz5mbfLblZwHzMQzIy7a8RpmYKa7kdqjwp%2BTwFEncVaKvfhZkSWDlnO8cvyIW0otO2%2BcvGQAo2gp%2BZVu7Wn8crwizNMVSX%2B%2F3HLN%2Fwgx44yPAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e90fdb44bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 11E5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZf...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkc...

43 B
420 B

123ms
102ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83302e91b9214bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 102
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOJx5mljelUsNVX_M4Ry0Ko&google_cver=1&google_push=AXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYOHucQty_-1lS0XNmZ8y28NTRoXmzZrXaggkGrZmu41LeInNQ-cjCnieRiKdBfR0t-g_2uSr8qTXRVmJyg0pyloZdFkcZfUo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83302e90d8e04bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 11E5 0
174 B 139ms
34ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEKR76YtmChJ_vpRPsf9Tz8&google_cver=1&google_push=AXcoOmTGX42wgsGjIc7Z8MD5QMIcEEqIvaUyd54OUiBTqYRqWocvxBssCT2znmcaBGREZ2ORZXQTVQU1N7-HIyX9vz1oFLvYPWm2zFU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11E5
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDIyZWE1OTQtMzJlMS00ODc3LWFmNDUtYWE5NjA2ODQ5NzNh&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=1&google_push=AXcoOmSj...

170 B
188 B

55ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDIyZWE1OTQtMzJlMS00ODc3LWFmNDUtYWE5NjA2ODQ5NzNh&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=1&google_push=AXcoOmSjHGYdSGlsc0-qe1xJwfH4kemF6NiEtTOJZylOmxRyyKybTbKSuqgopezDzctaMRb-ShbAV40_glTg8cZOZVf9YYG3tyxTeQ

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZDIyZWE1OTQtMzJlMS00ODc3LWFmNDUtYWE5NjA2ODQ5NzNh&google_gid=CAESEL9ZSf7n17H9jhy_xaDDWC0&google_cver=1&google_push=AXcoOmSjHGYdSGlsc0-qe1xJwfH4kemF6NiEtTOJZylOmxRyyKybTbKSuqgopezDzctaMRb-ShbAV40_glTg8cZOZVf9YYG3tyxTeQ
date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11E5
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEH2lrV7Vbj7HYOh5WL9-cF4&google_cver=1&google_push=AXcoOmR44Fy6coB9yyvRL1WyuCzaYg43mkbvE_txPvj5YwlQ1HCXxG5zfTR-pW_gnj9rU9KuEO_jLkSUotAa769sBQ_ndKJzA...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862498241481&us_privacy=1---

170 B
188 B

71ms
61ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862498241481&us_privacy=1---

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=862498241481&us_privacy=1---
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11E5
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPO5c_vAsarZ9z6WHA5pPa8&google_cver=1&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8db...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8dbD--QxnVneaNbg-s4lmA

170 B
188 B

61ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8dbD--QxnVneaNbg-s4lmA

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTP6IJB33wqOD0P3hp021ceFgCg5XQXt4tYnbGqHrMAghz6U86a910YmcnO-ZPJ7KM18iLzbbINa8dbD--QxnVneaNbg-s4lmA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 11E5
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIzNecQQJRK1...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OWIwYzE3NTktNDg4NC00Y2MwLTk0YjUtNTAyZjk0NzM0M2Vj&google_push=AXcoOmTr5CsP_TBz3eX_-PEB6HJo6xkl1EUI8Jm1MswkZy5AH1MNVbMORinuyhdI6oSGt...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

40ms
39ms

Image
image/gif

23.199.17.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.199.17.156 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-17-156.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 09 Dec 2023 21:01:11 GMT
pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11E5
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEM_osDwkW4azWNEwWdNuwZY&google_cver=1&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Sup...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Suph-pYjUd&google_hm=81fa84b7df...

170 B
188 B

69ms
66ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Suph-pYjUd&google_hm=81fa84b7df61f53715df0d00lpyjjdll

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTuqs8BwwIZixzDff6Qa73iowoPbsu0iIoub2t5kwhu17DO-lSUwJoHiR7dD_0XwDsBdmlSldstLeB5nkiND1iWD5Suph-pYjUd&google_hm=81fa84b7df61f53715df0d00lpyjjdll
date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 11E5 0
12 B 40ms
40ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KX7_B7NnlNZkCZM5ZSBWDPXgHIOc6keA70XHCRr_ujfnkN3RbgEpsZH2_G0HTwuZyduHygyhU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50DA 0
19 B 59ms
58ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5sSkltV0ZYqcE__MoPMP5IWxuAGLv4iuZvG66fX_DsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU2NjYyNTAzMDA3NTc0MDjIAQmoAwHIAwKqBOcBT9DuoRM9TcvD4yiVpH6_-h7sPZQqm9wz2wk540Cm39UMXRoXpDRz_MijeL05QXh06EwHDp1mNmPnjtU_BFgLnSslcMixF15OkARDt0ISCSqeya7EHweorwpm2rNzXn-cIiZDmXvov9mxCu4pqbbFKqkxhx3CqwN5GXxBzb9IX_-qy2yR6CSuhxFa_EIzRzOl-vTDmRMdiZb_JyVgJvkEteO_3ghNs0QCpYh4ocUGlhLzpLfcbZ5mLzLRg0FHPicK-6-qZ09zz52CNJzalOSCQ8iZD0pJRZycTNWc-vGEAtE7apSZ1eN6gAaZvYO7rt3vzdQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliGoNOAoIODA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjY2MjUwMzAwNzU3NDA4GAA&sigh=FANzFgDUdOY&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNAJl_XobNrpBSTq1-ys4efFjkRo5es_34PiuBWcWa6FNUABdFQZorEVhXIuLBx0VQ4JYjNcYKGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 50DA 0
1 KB 146ms
88ms Image
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=14654fa1-96d6-11ee-a2a0-7ac62acb26d5&d=www.steganos.com&cr=ext_ng_start_ghst8&gid=CAESEE0SudkEvMPvcPI13QuieqI&a=imp&p=ZXTVlgAEzgoIaCZ_AAxC5Ng5vxwrkKzAF5yOaA&im=_Mh7QlQu_umpTV1t66X4ZXzVKRLR_VTWOJ0XcTHvK9inv1RovGRHA1amKi_Lb5tXt523GLEwt-NC0gXMdIzMn72M1xpP1TVYHxp3lB-L_ksMweFVDpUeV97v0Dw1Bsf-_pBuRf9xxpvIzNJHnABODr6m-rbGV36NP2sj8SRU5a4eZ-B9td0Uns6R19VOVBWhBeVekc6EXnG-Sz3Z6KDggtnvdWZaRKi4giOq_5uTtMIUwUO08ojpBb4Ft3HmSKYZucoAZm5959dcS5bemKkAWxOLDZ-pze4ca2e6qRbtV6gBKBFNXqwK2S7c5bCfdVV7RLTOGe9ghGLgxj12oxqOLiMYMVkmEzffWnYgoZSb0N4&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Teq585be5jzVbQuPi5JX5J%2FvP2MVM1dKjbwPawgt6kC33Jes7OZGq5ji%2FhycP5oVg2eclMJBVDhbUM1p7eSfDegaiZHb9TInkzfKhPmv4NyYSumnm3%2BAyhbgmCcqMOMSBnBmAQb8P7dzmMrOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e90fdb54bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E5A0 31 KB
12 KB 31ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1712960/76808492/xbbe/creative/adj?p=APEucNXFoNwqUQOvzqbbYkXE6wp0W1yhsw2J_vPd7G1wVztJH1lDIh8&d=CokBAKAmf-AhciWk5PWPRQI5XWUAQ4GHre3CeduCM1bkwUeldISv9ULJH6fRCwC7NTbbPXarlpF520llDeNlfZxPOmrkLtAkGOoajrTt93TPXM9H04F35G4oN7dZbkq9moQEmqj0yE8u1JS3rQt9UaQbPpID8hUphp03Xa1ZP9u9azmuNwHsXZKUjDMS2RQAoCZ_4KW87H4U5uACvI-JQJZm-dMzvuFxZGA2DVXBmfXMJsk36U_pOIpYtAjlZvgSsc6igu2aGkRedyhjp-DbD2Dd6eisJ8nARy9_xhJn1DEmCiFWdNCWIqSI-P5PqQwRcrnPp6-zIfLoQJdwxqtJFjnLzS-fjENXz23Ug0LKmV3kQmfukbRFZTyBUc_bMw39wS-ZFZs93NS2YSuKGSMMkKcZVzX9MIDNX8uP0NJRjJ1El1rJVKngy_aaXFTxxjaqMoQGUOuRp-sCjF9p_z_-xHWLRZDWywqRDBT6Kdu0TkszAc14HQv_dWIuUDoFe0D9uglgpsZ9H9h8Os8dGEXe6Qnp-m0k-zTMXT2-DEaAOxvRm7us6Lq-pMpaAFeEJGJgQ98g-JFcT3Fg-CGXvJikopPP7hoY_oiEdikIC76eAaPdNg2t4tAuf8gCSzzrRCgO18cJq_kxU6bil-ISDHc5CAjtEk3qg-WmCbtdMMHgcl-2GOKkQYm1IeYgvh6iu_qlJh1D_Y8TG33oq_2XVks9gsQo0d_gqFAmpcXAPvexoJYY2UOMkcGct10TG5fkEZ7LP7RHDEMORDiuxiI_1_L2No9yeOt4m22d8cQmgMG3rlgWT56XjQ2JcJeZKk6KE4cmeKhB_F54JpuxGiTqT_vckSYwx_ehvpTfFdLfXxEduDvGQ-leDyy0Y55_1MFxGXLf6HB4NnTGAq2f3KEjw_1YYvfhDZaPLSlfZWADzBLzy0Oj4dB9qKmDtoaPcEnD_I_59YYFmVkB02Bvj28qewR8vbBEEDN_41t0pe7Qr-zXYcCk8nNTmEkAeBVpGhnUyfkWO-yFyd_HabJCmG23S80PixYaZHdGvfvyRnn1JD68imS6LISjDMwLWKY_aYJbe8x16jomk5VqbZm2g5Cye87hQZsgN-zGk70CdmayZPCrx9SfytotzFvmd0VNDidr_n-eozm5SuzSym6d0hkLOjlXdy0CEFW8fE7cW8wHlu_O_lmm9k9AI6bY8Ub2x7Aw0R9uH5jJHpYr7-rgkbuLoR6ezq0qQwWLhs3m5jQ2sTyEvEcTEZVL3hHQfgt7-RULCWFxGFbAMZNT71X5rKT8TsvYesQ6Yr_xq24IiqXCCx0q3qYt9I_l5ozGjUzUSov2uDavFb_eSWG84p4DLB9uQUbeP-JPfl1EyfKPxPQnjlUkcn4q_-Gd9GY39J58F69gOAW6Gf1c7nOB6tOBvcEKqfIyyUmBr3IHLTzsSHdbjILCVRovVl5MaxsAumpQmdorlkzoQEki7gPyyr1TEFiAXsGFdCP2h1A_BZbxpDVXgyVcDYFMqvDFKzwI2WcdtfTJkA-D1iCjSSBMc04lMS7PZllPX5Eyvrb9tv0L2TETIUVc_0L7GPKMs62G5d2vk2i2NgmkgBSjSTvC6TfnAtevU0qO8qKLbnZsCCsX49607qicqOKKV4Y_MXFLDnod0oKH9p5WOAKz224tZsuwdy9yUvI1tHbROHZjENBWvtkeTZg7gBpQIw4QcNt6sTDL1cwNTCAraaI1co7ffRAaqYI5VdgGMUNvKC8hswwqCe9lAI2IFceZfRQ3uNV-29voF844EAReEmfAwC5rWCendm22HWYT1GkgXXQQGjQcwOBYTGo0FVjmuSzmKS-rJSAYB1o3lvnQoifbV74kGihG-OUKD3JtOE7HHROJ_x-MiHzeyRQGliIK3XsyeCCUbpVBh-B0b1pJ1qbZ2sutRxlRzLHQ9R9uLg-URzIQRcpdMt3BPtxaRI4EF5j1a2nao20N8CKM59v38FMRt12_XXrUbnoDkjqhCCRik9NSuE0gZBpy75sYKIqQdTmx__UqzVGVVfMQSAHOKaubCKJJtKR4K6_fva9pO_lwYfsVriscyrk11huS2VmFSsG1lsFaZlIyLvLDTjZ-P2ttu6W9J4bX3RH-gNmaVj82LF50B43YdNhrHYiTGPCFYaeAsBmiMp-OYALA5EqG2AbMD7CKU018dhoG6RpTTEDzGgmTRB_e4rAkKJJw6VVJdO4E2KP8mjCGQ5fzFdQEDlTsL0IsxlvSZms1DpKU5_iZVVZXQS53RsfEzyN8iKgnovB-NOxDOxmwVit3wjkZJZwnT174x5jQroRzThvHZi8GBQZi_c5lyByrrnBaKmQdoetRYwWE7Zjz2lMyoXtFLxFi9Mzn3XgrGgRARFUE7IorzaHVuruckdaJ9KZC7TFEY7CviZmxVA4YMoKa9vvanALfnvBmWzlolQZUUCvWJuX14FXmEbjp7c9qZcSaoC9-qOvoFw6FaYgTwHRrgbQ6WXN791pbwkJouPtTqHexkZvJH7WKgpXFBJadcw7Us0hj0vI6h8Ljyq4Uak-fYBB5eB-6DBpVAHzL8kSXPCdU2ycsSGB8sVGP-Wm7PyhLlYFdyTENgfJ7jGhwlaIOv-kS5_2L0CwTtJnfZSksYzVoQ6ggeuVwQJ3GMm2lfRZ81YWdTtVuKwD_iVwJllLC16riVqKFZr0CxU8WhHOzHuaoxum1gpLQCXajpaT9GED6lzuKfAL4eRACw9Gd52ZB_YoFjTtiwySZ1BAvh_nCuyvHj2PoSTGwskSsnrtoPnGRvnE-8mvQRoNid5OmEcQYI46qnmExRH_CgQtUNk_1Y7YtEKyCrGkqEh53V_oz3kpDiLVOLXgztpf9oCFzW-MKppS5GuuTQiwM_nchYH3r4O9FAhDjdGGpIR8W6jcsY8NS8aUCOrtq1n6Va4ShS8snwHTNNV1MqaLrnt8PAtyF0GGDKXi1hfGNLlkxw_zzoC5uGpNM8Orh3c1RVwXgUk4krrxao7f56qtppWZsA6j_IuI1g9vebyjs0wvTEilC3y58G8HsKssi5plreA7bkXLMeKK69N9tl1vUkR5v722ne6SWf8BzZKVBPytcufTJ8Ys8TsD4ISRkzD3rNnvk41P-j57wLHPhvLKAfOTCvqZ_AR0XuNfdQ72W_raaIMDP1oLUVo12I6-yKROhO_Rnmb3dc8AEZDYn-1gSmBZiyVMJz-63ALOA1H3qNwMaOtZDLQIh681z7zWdT9-uq5KnMDao_dmUFahGRYrkxYmEmKDBDjpGegZYC5nkEANxUSEueBa9EG3xHJYeFKg0RaD_vDRXmA1M5tDKoIQ3NvodP-w_y6Zs8ldz5ONRU5WM1uzuOWj1FMvhs-LbE8beCrhgxjeNMhzslwdSm_uSopn7TsARdHGcWhdR48iTsiUSrLoakeletav-Z6L7H7HCtvmePix6ZeRX38a-lgbFNPZjtX0S2Q_bbEX5JH04TA2iD4XKyS_gUjQX5lTk59jYLwq9-ppggdv2LUdIDILsNYzfTtGfKgVlxBJqxuJ5BPvBu1ssMIAjKuJVj2y5rfPR5D6ln1sEZEoTddIRpAkPnJXcbyaYGyLNIqizndH1vxWKm11bjs224wDaLPXUgkWqUsm8p0N5n0kBpB_R5jEfskbnufkWUiBPBP3b9TmAo1iJWNEotNxx1RN20bZYGcZfQfThMMPnoiFJQH_1cGMI3CgaVQgEEk8AyAmmjYG7fYVROIAOMHIL9x1EShWB7Cp27LqpPBzt_lgnXP4m-kkPmDjSXfrWU8PbHW8B5ebE75DohgX54q3VRWbPppVmKydj2YW9LiT6GAFgAQ&bundleId=&ias_dspID=3&ias_campId=1014946280&ias_pubId=pub-5666250300757408&ias_chanId=1&ias_placementId=20804038311&bidurl=https://www.steganos.com/en/free-online-web-proxy&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gdksnNvIKw-h2Epo1NwLJo&adsafe_url=https%3A%2F%2Fwww.steganos.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.steganos.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-5666250300757408%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:34b38cb3-c206-1d8e-569e-ce9b69bcdc02,c:wiqcSX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b586bdd95-k984d,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:27,oid:14773b3c-96d6-11ee-a27c-7addb897545a,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame E5A0 11 KB
4 KB 32ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:51:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E5A0 0
0 147ms
56ms Fetch
image/gif 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsttFviSNyG9wzfsOx_iu5fwgu7ScGwlEuSjWG5bQFRsZAyDGY_rGvD5rWgWzOGc-LI8eEu_O_Ect4-3N_qTdSFvq0AGxO_o-dlmm8RXtE62Z9cUNZIxibNjfoUm9QmE_vxWhEHwnF0Sse5KMOuJVMP6bnXoDnWz4tvLsNyf3ruvRv0qK8ADHmoW9hJQo_vEqdCnKvpYkgloAcT_-W5on3tcq9bCzYaF&sai=AMfl-YTHNgEILfPUzVg_nvvqofUTh86XuVjvGoDBAZ8RK3uQJps6vQopbNF6wzhncmX5c75akhHDeQr1R5ZhhJPP79PaaGiBSez_yrPi6BrDXc-VptgjodVA0g7V2DNPjsArdz5Tpyx0ecUDf6lkuZKnlBA5Aurw&sig=Cg0ArKJSzDEGifpEnKg9EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9za2lsbHNmb3JhbGwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231206.97052&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 12175306900047249141
s0.2mdn.net/simgad/ Frame E5A0 44 KB
44 KB 100ms
25ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12175306900047249141

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49707c1698eb42fa8fc4c0b0212abec0160ad20836d231aded032583cb22d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:47:46 GMT
x-content-type-options: nosniff
age: 177205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44686
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 07:29:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 19:47:46 GMT

GET
DATA 200
OK truncated
/ Frame E5A0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69a273337d278739825c9ea36779221068543c1005f87d8a893660b1011abc75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame B0A8 159 KB
160 KB 80ms
66ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903
x-guploader-uploadid: ABPtcPrQhMSXoEw2ivenOEz1gxmBDYFkI_Zl2ox-N-XFZWLkBnPP-2IQZqYRfIbYqf3HpRyEiXBuXlm7L7-zuquH7FNfrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCF8QQ75daVjNwh76TO4fsTq8iRK%2BwMArmaAF2sDxY5SWAunqamiR6zKrkZ5pzkniNurcaU7HDzBBXS5pitSfSGbyQ01SW8kAPLWDjyBJGYYCV9%2Bbzd3OVbqJ34DwS6%2BbAArNalQvrQPw1eKnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 83302e913ca84bd3-BUF
expires: Sat, 09 Dec 2023 20:24:21 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame B0A8 159 KB
159 KB 44ms
30ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2778695&pi=t.aa~a.2190036708~i.101~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=2&bdt=2139&idt=2&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=3&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2902
x-guploader-uploadid: ABPtcPqUizMYtawPJ03FeKW_BzwpSWzpsKUWnjgeZA7L2XLqVtaW14DD4zdLGC4eqUYOOHeisBcZDMSyIKyqi4lmV93dQSS32-s8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BS%2BMacCj6XsiaFAHOiK2FIvLl71ObPWhjBQGIOKbCQmYRdgmM5RyLCyd93yiPZwdZNC%2Fu2hUevvC9i3WvQXAfF0j4A0Z4yVevRmQdbvCtMMoZ1JKW%2BwQW1NmgIgJHQP2bdps2Bv6n9%2FXOPZ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 83302e913ca94bd3-BUF
expires: Sat, 09 Dec 2023 20:40:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDLEp3n-pxjvR_-vCBr2qcI&google_cver=1&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3AcQbKQGh6I5HCcL2XQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C0D48FBEFF74B30902D96EDC729DA70&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3Ac...

170 B
188 B

44ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C0D48FBEFF74B30902D96EDC729DA70&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3AcQbKQGh6I5HCcL2XQ

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C0D48FBEFF74B30902D96EDC729DA70&google_push=AXcoOmQL7MlhztNJlGzmXzpDpztcBVy2GifNTE-wLaUwmQDWirN6MpFI3U6zqDaOvCz3QHn8zDLf7mdvZJqQ3AcQbKQGh6I5HCcL2XQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 08 Dec 2023 21:01:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjlhNzQxNDgtZmIwYi00Yzk2LTk5NzktMmNmYjM3MWRlOGIy&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=1&google_push=AXcoOmRS...

170 B
188 B

64ms
59ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjlhNzQxNDgtZmIwYi00Yzk2LTk5NzktMmNmYjM3MWRlOGIy&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=1&google_push=AXcoOmRSgjcT04hT61Inltk7BZyd4W33h7fW6mQNF1WRbwTPOaDDDpg44T2cDUkYSrwkokWcMSdI8dxjkevK1MSPQMsiFER1mvcJYhxh

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjlhNzQxNDgtZmIwYi00Yzk2LTk5NzktMmNmYjM3MWRlOGIy&google_gid=CAESECiJM4IydWMH5LjtCoFvxU8&google_cver=1&google_push=AXcoOmRSgjcT04hT61Inltk7BZyd4W33h7fW6mQNF1WRbwTPOaDDDpg44T2cDUkYSrwkokWcMSdI8dxjkevK1MSPQMsiFER1mvcJYhxh
date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEJEVOKaC4wcdwWpXy5Gfjec&google_cver=1&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlOQJYfDFiiyRC7pYFbu3L
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MlNTMjQ1SGRBcXVGYXlYR2w5VjBaUQ%3D%3D&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlO...

170 B
188 B

53ms
53ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MlNTMjQ1SGRBcXVGYXlYR2w5VjBaUQ%3D%3D&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlOQJYfDFiiyRC7pYFbu3L

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MlNTMjQ1SGRBcXVGYXlYR2w5VjBaUQ%3D%3D&google_push=AXcoOmRt9TizJEeT5Y9NWSbk6Q-cegUZWQDVERgyd_SI03cNfsW3cF2FaatjE7KhBKEg5xAhfUttZ2yh4TIlOQJYfDFiiyRC7pYFbu3L
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 247

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELOyUx-zyj5yyaMqDLdXSpw&google_cver=1&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELOyUx-zyj5yyaMqDLdXSpw&google_cver=1&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMv...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=7745023295193812401&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc&google_hm=EjMcBFYxRZGsONsYkxJo...

170 B
188 B

42ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc&google_hm=EjMcBFYxRZGsONsYkxJoGw==

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTZ2L6DU1C4Ni4Oeo1ixAm0S1urazpB_bv7DYTWePp_ieYmkk_vuj4OhOMg3DTvJ9IwrgQnYVEl42ylMvR_qZ-_cm3koAC_5Qc&google_hm=EjMcBFYxRZGsONsYkxJoGw==
Date: Sat, 09 Dec 2023 21:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJCBhuH9b3r_XOPjERFaqs&google_cver=1&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HB...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HBi6vM_Bm92&google_hm=eS1fdi4uRHVCRTJwSE...

170 B
188 B

43ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HBi6vM_Bm92&google_hm=eS1fdi4uRHVCRTJwSExHWlZ4aVNGbWNNekhlSkE4WU8wS35B

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRGZO7PrIU6b3WkOYnRYamQUxXqZ2LLExz7zxjN_ymrKF13qZAdP3W9pOM2H8479eLlnYcrMIPw7iJ17l8ifXOa1HBi6vM_Bm92&google_hm=eS1fdi4uRHVCRTJwSExHWlZ4aVNGbWNNekhlSkE4WU8wS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDk1FzLau9ZyVOUSKg6g1Qo&c_param1=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK

170 B
188 B

42ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSnh6Sm61IcC_OGdx5G6BHtQm_gWlHH7JBI2xmnfjzn3qavntji7jWU3iwBdfjF0mFTVwSghNQHZp4tNfakmQrnicX-9JOFiquK
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCF8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENt_D6jNjxwJ0eoLaNeY48s&google_cver=1&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENt_D6jNjxwJ0eoLaNeY48s&google_cver=1&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI5MDYxMzQ1MzU2MjAxOTY4MQ&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo...

170 B
188 B

42ms
41ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI5MDYxMzQ1MzU2MjAxOTY4MQ&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i_TkR1cSaBNPaIsTNgSJbjSNx

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI5MDYxMzQ1MzU2MjAxOTY4MQ&google_push=AXcoOmQe__EGk-CS3U0szPYLZrM2Gnb1TtOG4WrBxj3YCavJla65hO5ZMeL93CKJGMF1X1jxeHJyyo5i_TkR1cSaBNPaIsTNgSJbjSNx
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CCF8 0
12 B 54ms
50ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LN16xcGmQg3mI0bodV9sNslyJkb07kT9qNzYhayuNmVxFL9KbjGDi1M9dCzBBFfRif7Dfx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8D36 0
19 B 67ms
62ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF3M_ltV0Zc_LEY3JoPMPoOah8AWLv4iuZvG66fX_DsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU2NjYyNTAzMDA3NTc0MDjIAQmoAwHIAwKqBOYBT9BQoQJtXpTjHGzFQLLhADHWGfvs1RotjS64LL_veiNBfLgCi15MRQZEE4Qydx5huj3pmFShqIZ9sO7jN_mYd5Xu1BiTcO3SZiQffeiR0gj_RMC-pR_wNSXUW_uFDyS9SovM4G4qTJS5n4DpU1OA-dugQlfhkxXsTkbDSWOv-iiksjpyPrZ9knmF96CnmjwgNn5xn648ZPLIRSS-73cWqZY1gL5nQTPdHXlhYmUtQ1xvPzyfrri5khPsCnFm4Cl_2-uOM449GxCucXfCLn0vYOvKUyVHeHPCdXpu8RzMO5M4PAp1WWOABpm9g7uu3e_N1AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WOnP0YCgg4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2NjYyNTAzMDA3NTc0MDgYAA&sigh=Kov52F-AXQQ&uach_m=%5BUACH%5D&cid=CAQSPADICaaNtWFrwUEhzkuoRHiwtlxZC6KUipWxEfAnX3ZQL_p4xLQ9M0Lt21qAmjY8A0SHdOuTYHMOYDrbixgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 8D36 0
606 B 122ms
107ms Image
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=14593907-96d6-11ee-b4e7-ce74728ca1db&d=www.steganos.com&cr=ext_ng_start_ghst8&gid=CAESEIW1SRpAbdhk9xDaPkplIII&a=imp&p=ZXTVlgAEZc8IaCSNAAhzIDOOHoRQpO3FwQEcpQ&im=2nWNUYJj7EDDZ92mvQKN4hKrY8Mh2qo4v09mJ92uNmk2nlF8ADFcSiJASsYlEMRLGGMIccCh6qVkcZ2Sey1QJ7K__akgni5hlEt-CdI7NeGjEWL1wRHTYPvJPpLJf-X11mIq78xinw5Rx1pCPPYZX5D2jJp6VPqBEJEsjNHCTr-1Bbqw879QXWfWDvWCRqzfCbEkH9F76xbywhA3nK_g49jk3goI_QUDSzDQOkQIAwockecA4MmbJNM3T89Kq2dLphu1gnlZkLLivKedfw2J3D84OG9C5OKBmECGfCJbbwzYfVjqHtCF_NAyTq47t1xQ&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZJboZ3gM7kmGvN5XFiP7gGqPQRcOtjPm3xwW7Tsqlfw3H0R82AaLFu%2FFWeGDGl%2Bnu1WugSa4pv%2B6yPvp%2B1NzQlLZqf%2BCKNJSWUvwVZBVVzY2Peq%2Bn2Dh059Yl2RKYJ1ULZlcvqxYlItrRKn6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e916dce4bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame B0A8 0
481 B 109ms
71ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZPYRp%2FyUXjaaIyVI0VOrVtonehk6rT5FWSSqqk1JxzJxe7O7Qa9o%2FIEQRnoWCrXRykuGu5lB4JcRzwuHJJP9RPYQ74fvPbpisREqa%2Boc09CkcJH52UoPliAynqktB9yF8JCzUp42AIpUIb8lA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e919dd84bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 50DA 159 KB
160 KB 72ms
38ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903
x-guploader-uploadid: ABPtcPrQhMSXoEw2ivenOEz1gxmBDYFkI_Zl2ox-N-XFZWLkBnPP-2IQZqYRfIbYqf3HpRyEiXBuXlm7L7-zuquH7FNfrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3RplpoP7dwc69dkzUVMViWKM9FFTAJraNpgbtTRRH0s6Hh7MOjDkiQ9Fm6vIhvbP9jCyBEEEFWQ0KCcmnDs81EPaAVKdvISjfEATD12eitS%2FypH7WkNDm8jzzVQ2YAlOGeQz8VCtVc6pEMzFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 83302e91acd24bd3-BUF
expires: Sat, 09 Dec 2023 20:24:21 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 50DA 159 KB
159 KB 67ms
33ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.1786538880~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280&nras=4&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2902
x-guploader-uploadid: ABPtcPqUizMYtawPJ03FeKW_BzwpSWzpsKUWnjgeZA7L2XLqVtaW14DD4zdLGC4eqUYOOHeisBcZDMSyIKyqi4lmV93dQSS32-s8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf2VKZohVzH6faf8FcNSyxul8PJJ2W918zE56oOgtCR78ZmthF6N0WIDHrE2LYL1SMpfvvJFTe4MldkMqUZDYj1RyFhmFvGw%2FNTg4ULUDTHYjlKd87w0yP1aMR%2BTfdKpiAfaIoUBIZ0Yk%2FAEiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 83302e91acd44bd3-BUF
expires: Sat, 09 Dec 2023 20:40:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8558
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhUVmx3QUZ1bDJld2dCZA==&google_gid=CAESEKWxQQ0QEOoa24q54HkNZmc&google_cver=1&google_push=AXcoOmRngOVGkiz1jFUsoY6CuWPtORq8F_...

170 B
188 B

43ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhUVmx3QUZ1bDJld2dCZA==&google_gid=CAESEKWxQQ0QEOoa24q54HkNZmc&google_cver=1&google_push=AXcoOmRngOVGkiz1jFUsoY6CuWPtORq8F_0SuMacEik_oGp2xUblJet2QHY9211bGSdF7wBhadYlvl5njWaqmRliJ_H8HMeKl2y5SQ

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4540-YYZ
pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1702155671.307590,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhUVmx3QUZ1bDJld2dCZA==&google_gid=CAESEKWxQQ0QEOoa24q54HkNZmc&google_cver=1&google_push=AXcoOmRngOVGkiz1jFUsoY6CuWPtORq8F_0SuMacEik_oGp2xUblJet2QHY9211bGSdF7wBhadYlvl5njWaqmRliJ_H8HMeKl2y5SQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8558
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJFqx8yIFgYxLACOqqSnQL4&google_cver=1&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yE...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yEATtEX6jmsiRNx-aeI&google_hm=hmV01Zde_ZgszM...

170 B
188 B

54ms
52ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yEATtEX6jmsiRNx-aeI&google_hm=hmV01Zde_ZgszMOt8w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6574D5975EFD982CCCC3ADF3BLIS

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmk9BQGBmFjVEexC8Qbz06drYuJssZ243CMTE7ctUzf3Z5XXqKTYvEBLXC5Uu48HpxpAslP6PXea47yEATtEX6jmsiRNx-aeI&google_hm=hmV01Zde_ZgszMOt8w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6574D5975EFD982CCCC3ADF3BLIS
date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 8558 0
35 B 140ms
37ms Image
text/plain 3.228.157.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEK3QeBEZY9UafFYucU4875o&google_cver=1&google_push=AXcoOmSoebSwvLqB7xkNQskvjGlWc5FGFae-tSuQv5-r5CXAAwls5GD4b3y3cO8mztDSgwYsu2Fle69RuYw8c6o_uQLIBlX4sLs5caw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.157.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-157-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 8558 43 B
641 B 595ms
188ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEBRdLap9S9Ac11tmbPjvM2s&google_cver=1&google_push=AXcoOmQyb5OlUefoKup6QouTX1mmY6WRPgGocUlIgzu3zP90DFcGo_LfangkOO5I59566TIbudUfYr8ZUTprQQwHFS6iNpDYQXIG6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 21:01:11 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8558
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJFYFdTcrmOv8_eexlFdnpQ&google_cver=1&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN2...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJFYFdTcrmOv8_eexlFdnpQ&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN2...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg&google_hm=V21hTkVnWEZ5bE12cW...

170 B
188 B

42ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg&google_hm=V21hTkVnWEZ5bE12cW9qSVdVWjY=

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 21:01:11 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTI0Cv-oHuRZQsR3rmmTs8pkpfulm2qDiqML-g1HaYfmU6xHlpZxKXcskPL0xpEP9Nv0LeFr7g5WDrN29055bJMyRMTp69cFg&google_hm=V21hTkVnWEZ5bE12cW9qSVdVWjY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8558
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHVSgLG7pG2Q9Sis7-f5pcg&google_cver=1&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMTU5OTU4MzcyNDU5OTM0MTk&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5vh...

170 B
188 B

53ms
51ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMTU5OTU4MzcyNDU5OTM0MTk&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5vhrh1vRjZ8IZU

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTcyMTU5OTU4MzcyNDU5OTM0MTk&google_push=AXcoOmT4KZsVeyIlLS23twjpW6l3ppcRiJtJZlF6Qp5B73S9ckyRZcgGHxCLpqCEvueUrkj8pnBD3Ka3P5KG30PdU5vhrh1vRjZ8IZU
Date: Sat, 09 Dec 2023 21:01:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8558
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEPgFmG0_IWczeVOh-vpFlHo&google_cver=1&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AV...
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AVpP6EPKS5yj

170 B
188 B

40ms
40ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AVpP6EPKS5yj

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 21:01:11 GMT
strict-transport-security: max-age=2592000
server: nginx
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language: en-US
location: https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSZbpC_uqz3uBIzd4MuRX1Pr-k7h1eHzqFBvcpOVsgqeRBNJeBmcx2SnvgMXXhiASbZ9URJi6hMEKIiXZutJPR4AVpP6EPKS5yj
x-yak-request-id: 1702155671655-4ff64b2a1aa3d6a98e570b39f8641b6e
yak-timeinfo: 1702155671655|2
cip: 96.9.249.45
alt-svc: h3=":443"; ma=604800
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8558 0
12 B 59ms
43ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lf7qnV8ZQH0ZPeeRJreec6n9eqUcgnV3ZVCYL-N3sNxQfkHjqjPIDDkePmKosfjQhef5tmBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FBC1 0
19 B 81ms
66ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqUpfltV0ZfDTE5uHoPMPj9GZ2A-Lv4iuZvG66fX_DsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTU2NjYyNTAzMDA3NTc0MDjIAQmoAwHIAwKqBOcBT9AO-WMAir3t50m-DPtjiqXmLmpeAAAcXLfHlj4pwCKUpsMHq4T2VSVe2yZ43Dyu8mOWnoq8N51rMES8dIbg_S0KRpiI8o2XqPDNMOnORD5c3tTCCucVkSDTUIv0qm38RW3bqoA6ZlSy4u5UD6gM_3AaXwGCLnRtlQWyzmbXgzdamkQLNDUicxzSdMysY2kS57k8xWP1AiJbOoWbvuFmvz-CLpBmypSlf4PLEp6BsZCeT_1kfpeslFp_bJHwRa_fWP7YwrE1pwynNKi4BUGa-_QINx1V_fn1Tvmy9ZdTdBmXJjYyi3WXgAa6vLLqg4n0sQWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WKXU04Cgg4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2NjYyNTAzMDA3NTc0MDgYAA&sigh=chM6K9R6tGA&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNMl-gbkdMJrsNJ5a_FcZLFHGo7eFkmFrOSQNj4Ktve0hHkF8o31G1FqJtciiupGXMspprLaAjGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame FBC1 0
949 B 109ms
87ms Image
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=145f2d09-96d6-11ee-b0f3-4e54fa76f75b&d=www.steganos.com&cr=ext_ng_start_ghst8__0&gid=CAESEIjNWxntxcjeUbYelWQIFmQ&a=imp&p=ZXTVlgAE6fAIaAObAAZoj_suv9S4hmzpfg6P6A&im=gNuD-93YmN946h4gmmGalTKVng6N1y7IYi9xCr8Ur6PVyTobLNL-AWddxzWwGd0Xrny_nyYjj1rnYjKRWuef6vDd11AZ3XTbU9FUNV49U2BnIx243wfj0lClijPjmE_1dnNyUXlXRTNMsDuqnKxvuqiMFF9cbHUymKqN0xkxTXWByoEkKzwkZJzpA-zWXjW81Nd98v602iHB2KHvJs2DbItn7XUUzFJPf6oddAFku1KlZ17sE2oqjOsoGVmQnw4dBq2axBUVA4f9D4AjKA6VsTLeU_rcMMWKsOErNA7WOIt32yMkiItLgArlIKOsXvSG&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3FaW87wfSPZnwA8xsciKtfe3idiihoJwvVNrykyq4lSZ%2FhFXtNz2okJsoKN4kCrh2oIYAIJ6RVelD70d1U3twCbdseq0g403hlCBjWRNAWdeECsHVa%2FUdDfZMu8gcxlpNNxlgD4S0mgmquEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e91ade04bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 50DA 0
275 B 117ms
96ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRQ7Lsqrq2p0i1UQCq1JlX3MT6Gc1QJG%2BCfs1iVT1gnPxi8%2Fudgd8YbVln0R%2BTEhTho2%2FOoH2XfwwZURnZmHUGNOGEfHKdMlg%2Fly0f8rqkLsTVYtpkd%2FOFePCYWi%2BzJ%2BRkVadjmKdPFjcp033g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e91ade14bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame B0A8 0
345 B 99ms
97ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NZBmCEkZAS2gyzRbSSnpOSU6jw00ePz4ygRXIfp2YJciSicf2sxWLVkVHK8G6uPXKcnGDHu34WrEQyxFAT94d5qKIkUlZLoxhQFrcpvklzNDcS8H4mspucGuFgthoU0791txGeD0Hr6WxWbFg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e91cde84bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 8D36 159 KB
160 KB 47ms
44ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903
x-guploader-uploadid: ABPtcPrQhMSXoEw2ivenOEz1gxmBDYFkI_Zl2ox-N-XFZWLkBnPP-2IQZqYRfIbYqf3HpRyEiXBuXlm7L7-zuquH7FNfrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gxmXPcrFgvp7wZRZUkKMEm8h5BZVdqvWes6HaaeND5d2WADRd6XJuGtEK2kHWdOWevHuvP9KgDoJphW6KxrTaxD71Qw9TLImVMlP3Fl%2FJYcDCaAzLreSuHon9Hghk7oW%2FrgFtAbwkrJj7grjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 83302e91ccd94bd3-BUF
expires: Sat, 09 Dec 2023 20:24:21 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 8D36 159 KB
159 KB 93ms
90ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=4234136795&adf=2112188991&pi=t.aa~a.2190036708~i.98~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1546976913&ad_type=text_image&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rh=200&rw=1150&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670241&bpp=4&bdt=2139&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2902
x-guploader-uploadid: ABPtcPqUizMYtawPJ03FeKW_BzwpSWzpsKUWnjgeZA7L2XLqVtaW14DD4zdLGC4eqUYOOHeisBcZDMSyIKyqi4lmV93dQSS32-s8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1Om4pTLGdaXQP0yKFTojSlEPe5cosICF4DNeW0fbXsNFrrACMrYpfH0l3N9lGj8ZXuJHVuxjLLRrZzVGDd0bFFmKMm93stZUIe9FnthDKa0aeBLKECcr8mZkPtVXbDocPRKWPnXZL0cuGA8tw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 83302e91ccda4bd3-BUF
expires: Sat, 09 Dec 2023 20:40:33 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E5A0 0
0 57ms
55ms Fetch
image/gif 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsttFviSNyG9wzfsOx_iu5fwgu7ScGwlEuSjWG5bQFRsZAyDGY_rGvD5rWgWzOGc-LI8eEu_O_Ect4-3N_qTdSFvq0AGxO_o-dlmm8RXtE62Z9cUNZIxibNjfoUm9QmE_vxWhEHwnF0Sse5KMOuJVMP6bnXoDnWz4tvLsNyf3ruvRv0qK8ADHmoW9hJQo_vEqdCnKvpYkgloAcT_-W5on3tcq9bCzYaF&sai=AMfl-YTHNgEILfPUzVg_nvvqofUTh86XuVjvGoDBAZ8RK3uQJps6vQopbNF6wzhncmX5c75akhHDeQr1R5ZhhJPP79PaaGiBSez_yrPi6BrDXc-VptgjodVA0g7V2DNPjsArdz5Tpyx0ecUDf6lkuZKnlBA5Aurw&sig=Cg0ArKJSzDEGifpEnKg9EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9za2lsbHNmb3JhbGwuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=161&dett=2&cstd=0&cisv=r20231206.97052&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame FBC1 159 KB
160 KB 84ms
83ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903
x-guploader-uploadid: ABPtcPrQhMSXoEw2ivenOEz1gxmBDYFkI_Zl2ox-N-XFZWLkBnPP-2IQZqYRfIbYqf3HpRyEiXBuXlm7L7-zuquH7FNfrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162876
last-modified: Wed, 14 Jun 2023 14:22:11 GMT
server: cloudflare
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
vary: Accept-Encoding
x-goog-generation: 1686752530970769
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYuL%2Bc8pHlsYwMzbWRKorG6kH8iQCaPyoM%2Fai4v6pwtpnoWVtHtyEcZAirtWrbJd%2F%2B5wHjwuqduHchpJPfikh7cBEVZDhwf9wGc3Sl7StBEFf%2BlxuP2Em2rSsFNQ6fmTi%2BMvG7HQehttzNBWEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162876
accept-ranges: bytes
cf-ray: 83302e91dce44bd3-BUF
expires: Sat, 09 Dec 2023 20:24:21 GMT

GET
H2 200 Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame FBC1 159 KB
159 KB 86ms
85ms Font
application/octet-stream 2606:4700:20::ac43:4abf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5666250300757408&output=html&h=280&adk=1842121586&adf=454575804&pi=t.aa~a.3717152971~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1702155668&rafmt=1&to=qs&pwprc=1546976913&format=1150x280&url=https%3A%2F%2Fwww.steganos.com%2Fen%2Ffree-online-web-proxy&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702155670271&bpp=1&bdt=2170&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C1150x280%2C1150x280&nras=5&correlator=7001033886283&frm=20&pv=1&ga_vid=774795937.1702155669&ga_sid=1702155669&ga_hid=904266490&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079864%2C31079921%2C95320885%2C95320892&oid=2&pvsid=349913210538938&tmod=340086000&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2902
x-guploader-uploadid: ABPtcPqUizMYtawPJ03FeKW_BzwpSWzpsKUWnjgeZA7L2XLqVtaW14DD4zdLGC4eqUYOOHeisBcZDMSyIKyqi4lmV93dQSS32-s8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 162464
last-modified: Wed, 14 Jun 2023 14:03:41 GMT
server: cloudflare
etag: "d329cc8b34667f114a95422aaad1b063"
vary: Accept-Encoding
x-goog-generation: 1686751421527536
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrrGW54Ly1slxtJZX1q2xbSs8ZcngPOwPrusJqT1eMu6OeRrfi8aYA6zFpxYj6%2BSvrLZHLI0RXN30hnoQ90nJOwV8pbdWKl90UYrbXLWONF6xMEhQ3dHrLcVmn4slwvBBGOqk7iqP50jQKq4pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 162464
accept-ranges: bytes
cf-ray: 83302e91dce54bd3-BUF
expires: Sat, 09 Dec 2023 20:40:33 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 50DA 0
427 B 93ms
88ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pqcm6NmJ9wwbD3M9gmUUX7UEtQGzIme%2BY%2FEnhqfU%2FI9OMW%2F9%2FMFKNlhdZUJ0KgxPwqh%2FCBOnPuaFpWqZRazLhwKYeQw7j3%2FYE7gH3oNuUHXXNUZ4%2FSwKkmxzNpLvIbrK4G2y%2Fs7KzXiqGZong%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e920df34bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 8D36 0
456 B 100ms
96ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCjBlO5%2F9B5yD8mB6zyu7V%2F%2FNzjMwGEYaa3DWwnwShJw%2Fm%2B%2BBGOEfk29%2Fq0spKkQKOR4%2Fmv9YJTnE%2BrqAqnsbpIHKoVIjqIovrL%2FIqPBhzaQZqEo6ytdtFcJB84KmiC4%2BchOhW%2B7Jib3QTyLkg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e920df44bc1-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame FBC1 0
965 B 115ms
107ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKGR7bTfnD6wKkUJ7kCNBTkBkigUh2xP2ruODRQfzD46SxvayJEEzdggsqlEAg%2Fc3H67xzVyxq2W3bdYLV4QBB%2F%2FPfBMzoWedmmxXGbmrfzeuzEIWiFUYLEWav4%2BSoKEDRZy4yH6IZIpKh1b9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e9238f86aed-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 91ms
88ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqd4l,pingTime:-10,time:733,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702155671441%7C%7Cabee7f5b670ded9cb77eda49d3e1ba52%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C4a35cfa4d38c0b7c89f191ac459bcf74%7C%7C1967e616b832cb04d5561b5b7e7637f7%7C%7C7d181f2def11d539cdb7bc7d17c45b4d%7C%7Ce47ad11cc4f4929ba4c1eeeacee34370%7C%7C9eb61943663bc8e5fb1dd50e7a71575c%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 rtimp
g.bidbrain.app/ Frame 8D36 0
780 B 77ms
77ms Ping
text/plain 2606:4700:3034::6815:53c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-08bee3b1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:53c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 21:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTdZMUyEC%2F1VKVSPc7e0PtWpA0QXgOOLGrpAoP0zANcKXw%2Fhxh2PtDyR6yJ%2BJEfw1VMzvevtJgd4qP1heeelrF8Dww18NhQu6FzvPr8K%2FgMSpW70AWmG27Mm2H3hX8h1eGV6gtJ30%2F1uwKuvDw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83302e92c9216aed-BUF
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=349913210538938&bg=!09Cl0J_NAAY3kmNgF5I7ADQBe5WfOGiO1LXeKJUOMMaPg1FAi_QfhPyKgEhkRXohajlRHmF6fSXdwiezMd7djJZfvDTPAgAAAOxSAAAABWgBB5kDA9I5Cxhg3hncLXtQejkJrX28duwbCM8GpfaBnRB2y3cw37tTJCsj1Y3xi5XoHuOjusoH5BW4j45V6cG_jODWinwe-BEbSIjwaIX_JysupPMO5z4jbPjZUOADZEui1WOCU12fKDbNIIFm4IIstBr8CZteRr-k0teKAHIdGvOdNQB95SywpJY2BbE9tAatdL92bMyxJZxApXT5WoH4Qv4NlHeyTij3_tkyj8yTku1SxcuEUNp7Rg27pBKgWQRfvCf4QgCr0tN3yOPWfWvnGQGajIJnHQj59HO3C2lXXos_sT90g3G-OfgM2wik83HTmvE1QV8j_bg-j5DXf4ymA5T9hf61Dr0P7A7Uu23QMXpjAr4oKsGNw8hWcnhu6cQguPzUpzQdAI2GEiMIJxp8x5nwUfm9Ve1QKkPdSsEiJ-j3_F_dubpo8bI71UdIdAx9x24TmXzua1uV6TT9hXfMgI4tUeuCYDy6ZOFkj0bURV77UjkIhYA0NXROJBzY1CxRSPDG2DG23RVewDlNS1eg7j5UONNgwJbB5jf_dMzCtz2Cr6BRU3J6ya9eGgMr2g5Zhu6V7ogAxq5V3WRqty6j825lcPYedeZCP6Gpt-pts2dsDzNVadnCwES4KgbfKvlFj82dbaq6zZeBjETuJypNUWb5DFYAk_ie0GA90y3GQFLa2I0ZnF0d716V8Hc6kcnM7RcDNH7wDtvOL25hhsY8ySlPT3r7Y1YgZGpg0booPH2TV1eGVnXJBaE-TJuJKlz7TMWdNchoEvt20BXmWF7DHRKAplyaqROiqic1Xmlfj5O3acxnLDJfytcrJOJwInVyu9-m-QVhikpdwJfPmstsBFrEOE2z8JImkVRHFCt4_n6q4pEA9dqYIlczKweMORLZiSIBdLVb68x8cf9fhIDx7x-jsw74KIHIrlKJ1woceTfAiMjROIHQBjbwQd3830D9CdoGk2vbTIUK53ugc7HUZlqPu6gWvWn7ROZUIGhpY1DfEj3_fY9nPe0GEkQocPeiFWfo8mA0KQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.steganos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 318B 0
20 B 54ms
53ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bf96lltV0ZZDkIYKpoPMPjYOguAYAAAAAOAHgBAI&bg=!g4ClgM_NAAY3kmNgF5I7ADQBe5WfOA1ODMh_D-PilUkH5gBG2O6HScmVUISvKwPxPHiuUabXutVvbGt6FZDaeslPdKzOAgAAAUdSAAAABGgBB5kDPeDRYXbc2KTL4lUH5Euj_k0K5wQNEM--gf7FpociQg310-PtDyXB2g6-l4NaQSmgvS4gXLzVUGbsSE6t2079m7Mu56hffdSTndTS014J8aItFdmNDIowc6f1c4PdMNQ_iqe_E5d53-J1MJZCOWUwFVvdigwP8cM3W6xttbO8OL6mzN6TCC8HCerQnVy4EsqPYDhWoSrsNl7WcqhgdOgtYxowHxUZ63Hv1fo87Eb5gogPQGACQQz5-T4JuNhXWBvUtpjAH30PgTT2X8AxQadVPRU0tOFtFpRasdD1LXFCRt7W-nZytQaWmbd7pr9xq8Klr5SdBGiIX-QHkrrTZuJHXQiqrEPQXA0iVc61f6rn8qr7XKl5gA1Xr-XC7GxkkwQjd7TTNPI5rxThuf6Pxgv87IUzcSiVkzDHFlYockx7CZV_1E9BYfeHhVKRIl6iRqVGfoBLYsiZ09WQITgVmqtlwbIvcPBH4xmkulidYj-2rcREtQhvb0AZTTP1_TxcyST3OtAlZmGXv4NMFDqZRYTcrAtTiLJCVxJ5VCn-iGI_OBCvkQdEjht5rnYi0Q3WCiDkJxC-Kpcy-AaM-_VymA4cNzK8RWk_yVYGp6Ma8RALw8ccrWJ8K2b8dj-isFTIiznTYOe82PrmD2s6yFcFf5u0B2zlpy_W1YeE6OiLy5uKWVH9Ddc3yYmnwCBI9UjxSRKbl6s5dbLjJTHRYPLaQdS_KwBi5ui4_J_uGg4X7A5TpICuKHbBSiNjIxMoM8ye-9jW3k7FfYufRW1bszO8Vu3sB76YgAZr1eKwaKWhc8ZmXKCapOrUdvIaDOsIpvu6wzwW0UmJTGBXBa3xr8ybtpeVtvMkWQSDYQ234noYIJQvXblPQWRSl648QbBFOVFlEy9vjz05oflmdWOa-auolWoN-ZUNcpZkhCgtHf8aMJq_c5bsg1mKUEDjst8fC3T5zpJjoWGZThYIIGazSK9mzz8rCKJa6YFR6O413bnsqI9807AehEGQCSCiJLgh0e_Dgm3qGFoa3yQgVlSEdacXa8VyLxUH2xJDRWuN4ZgjKT7lY8UNbvkTxxzwQcDFGeuqd7G8sz1tHuQtBlCKFB0md08

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 93ms
93ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqd9C,time:1060,type:e,im:%7Bpci:%7Btdr:1007%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1052~0%5D,as:%5B1052~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:108,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:28,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:11 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5A0 42 B
64 B 57ms
57ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsux2fu4imOFPXTtYwl0HJXF7sIjKozMo6sxCvcJ2SxUzqx8GhIfPVSCagODVuOcy7Nj9RRODv0fzim62ZfH7vZn8yTGVRry7XcFsSZBoRqPZDWm4yCqNG5aNT3k5L6R&sai=AMfl-YQE88HGTS9JqjBmgrFee5xEqsa1i1ajlBCvR8OEKs8R-kRBd5BUuLunB6H9yxLnuRZuQ4KW82lLztYXdksSO3yvkPw6yFsYkHLzVRuq3a-ME0eD1bPAtTWySBhwMUUk3GDyLHbFdzrxOPmiG-oNymP49hGHsPHEVlbx&sig=Cg0ArKJSzJivtBIvNjTrEAE&cid=CAQSTwDICaaNgbt9hVE4gA4wcgv3HURKFYHsKnbsuqk8HO3-WCdc_ib6SQ-YONJd-tZTw9sdbwHl5sTvkOiGBfnirdVFZs-mlWYrJ2PZhb0uJPoYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=903,1000,1000,1000,1000&tos=903,97,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702155670401&rpt=913&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5A0 0
20 B 54ms
54ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9079153128088&version=m202309260101&ct=76&x=1&cor=17804481310323806000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 89ms
88ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqdBE,pingTime:1,time:2798,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:26%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1797,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1788~0,1~100%5D,as:%5B1789~728.90%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:96,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:28,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:13 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E5A0 43 B
215 B 90ms
90ms Image
image/gif 2600:1f13:800:7782:4718:9bfc:3344:bf82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1712960&asId=34b38cb3-c206-1d8e-569e-ce9b69bcdc02&tv=%7Bc:wiqdBF,pingTime:1,time:2799,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:26%7D,%7Bpiv:100,vs:i,r:,t:1797%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1797,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1788~0,1~100%5D,as:%5B1789~728.90%5D%7D%7D,%7Bsl:i,t:1797,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:96,fm:tXYHJ76+11%7C12%7C13%7C14%7C15%7C16%7C171*.1712960-76808492%7C1711%7C1712%7C181%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:28,sis:445%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4718:9bfc:3344:bf82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:01:13 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proxy-us.steganos.com/	1969-12-31 23:59:59	Name: s Value: druu2k9iqjuqsgavqof7hiehib
.steganos.com/	1969-12-31 23:59:59	Name: a689bd3bc9944a0c583c077a80d0deb7 Value: n9pdtan944qe0ndl6fnblrp3u3
.steganos.com/	1970-01-21 02:25:15	Name: _ga_XFZQ8G3C84 Value: GS1.1.1702155669.1.0.1702155669.0.0.0
.steganos.com/	1970-01-21 02:25:15	Name: _ga Value: GA1.1.774795937.1702155669
www.steganos.com/	1970-01-21 01:34:51	Name: cpnb_cookiesSettings Value: %7B%22required-cookies%22%3A1%2C%22analytical-cookies%22%3A1%2C%22targeted-advertising-cookies%22%3A1%7D
.doubleclick.net/	1970-01-20 21:08:27	Name: APC Value: AfxxVi5E8tQLdalupEHYKahsWj_K4RkdzZirjKFC13eKIHPkPYYraA
.adnxs.com/	1970-01-20 18:58:51	Name: uuid2 Value: 4978328803300775309
.casalemedia.com/	1970-01-21 01:34:51	Name: CMID Value: ZXTVloHzDnfIK2.ncyqB9QAA
.casalemedia.com/	1970-01-20 18:58:51	Name: CMPS Value: 3455
.casalemedia.com/	1970-01-20 18:58:51	Name: CMPRO Value: 3455
.adnxs.com/	1970-01-20 18:58:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMl=Y%/!]tbPl1M>e)ZlrFUfJ+tGXxp)?:Rr4Vv#r=E[[S'aWh*rD>dbQ[8/ioU[PPg3If)y3KL9D3I?+9L8:H!
.doubleclick.net/	1970-01-21 02:25:15	Name: IDE Value: AHWqTUmDEmFtOSOlzN40JfNV-tCGprOF9Gyo9lCLVwAVMXbhCV5Yk8_ie2nWpsVtoP0
.steganos.com/	1970-01-21 02:10:51	Name: __gads Value: ID=cc7791ee06a6471e:T=1702155670:RT=1702155670:S=ALNI_MaGeZi_IXdL8U2RLh6IYp7eMOEb7A
.steganos.com/	1970-01-21 02:10:51	Name: __gpi Value: UID=00000da7e945f3f5:T=1702155670:RT=1702155670:S=ALNI_MagJNnH80VJlGUReGQods-TwZV0zA
.rfihub.com/	1970-01-21 02:10:51	Name: rud Value: H4sIAAAAAAAA_-MSNjc3MTUwMjayNDW0NLYwNDIxMBTiM9QtSw0JLTbMdHE1Ci4AAPzmHo0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dUkM9ckyyTVN8iuqTHELjgqOd_cKSAcAocx5fh4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjc3MTUwMjayNDW0NLYwNDIxMBTiM9QtSw0JLTbMdHE1Ci4AAPzmHo0lAAAA
.everesttech.net/	1970-01-21 01:34:51	Name: everest_g_v2 Value: g_surferid~ZXTVlwAFul2ewgBd
.mediago.io/	1970-01-21 01:34:51	Name: __mguid_ Value: 81fa84b7df61f53715df0d00lpyjjdll
.blismedia.com/	1970-01-21 01:34:55	Name: b Value: 6574D5975EFD982CCCC3ADF3BLIS
.acuityplatform.com/	1970-01-21 01:34:51	Name: auid Value: 862498241481
.acuityplatform.com/	1970-01-21 01:34:51	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhQMJTaomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYUDCU2qI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSDJsclY3VmJqN0hZT2g1V0w5LWNGNPv7hnZlcnNpb27C+w=="
.inmobi.com/	1970-01-20 18:58:51	Name: idsp_c Value: 29a74148-fb0b-4c96-9979-2cfb371de8b2
.teads.tv/	1970-01-21 01:33:25	Name: tt_viewer Value: 9b0c1759-4884-4cc0-94b5-502f947343ec
.simpli.fi/	1970-01-21 01:36:18	Name: suid Value: 8C0D48FBEFF74B30902D96EDC729DA70
.bidbrain.app/	1970-01-21 02:25:15	Name: uid_cross Value: 14ec6140-96d6-11ee-8836-defdd496105d
.adform.net/	1970-01-20 17:33:54	Name: C Value: 1
.dotomi.com/	1970-01-20 16:49:15	Name: DotomiTest Value: 5d258391cc3f051c
.adkernel.com/	1970-01-20 17:09:25	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 17:32:27	Name: ADKUID Value: A7215995837245993419
.tribalfusion.com/	1970-01-20 18:58:51	Name: ANON_ID Value: aUntuJON6Je8ZbUxralUAxWxkQrAr3aSMLbpgt90cY8Js3vXqC10VXwsTQZdFRkusX1NZdkcZcF3xuTGQUPDg7KZdoFwl
.adform.net/	1970-01-20 18:15:39	Name: uid Value: 4290613453562019681
.bidswitch.net/	1970-01-21 01:34:51	Name: tuuid Value: 12331c04-5631-4591-ac38-db189312681b
.bidswitch.net/	1970-01-21 01:34:51	Name: c Value: 1702155671
.bidswitch.net/	1970-01-21 01:34:51	Name: tuuid_lu Value: 1702155671
.zemanta.com/	1970-01-21 01:34:51	Name: zuid Value: WmaNEgXFylMvqojIWUZ6
.bidbrain.app/	1970-01-20 16:49:22	Name: sid_cross Value: 145f2d09-96d6-11ee-b0f3-4e54fa76f75b
.rfihub.com/	1970-01-21 02:10:51	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dUkM9ckyyTVN8iuqTHELjgqOd_cKSA_iNTQ3MDI0NTUzNzQ0N37FiMI3WcWCxDc1MQIAWS5rbU0AAAA
.yandex.ru/	1970-01-21 02:25:15	Name: yuidss Value: 416625501702155671
.yandex.ru/	1970-01-21 02:25:15	Name: yandexuid Value: 416625501702155671
.uuidksinc.net/	1970-01-21 01:34:51	Name: jcsuuid Value: BI6Djo7nHcvZcWSvq41N
.yahoo.com/	1970-01-21 01:35:13	Name: A3 Value: d=AQABBJfVdGUCEIH0GiK0Wnf0Ibh1D9KscPcFEgEBAQEndmV-ZQAAAAAA_eMAAA&S=AQAAAnOIwTd7Uw_rnNqpjTSGAjc
.send.microad.jp/	1970-01-20 18:58:51	Name: TR Value: 6668adc649d8980b3f46dbd87b11593053305d1a0b096707
.c.appier.net/	1970-01-21 01:34:51	Name: _auid Value: 2SS245HdAquFayXGl9V0ZQ
.c.appier.net/	1970-01-20 17:32:27	Name: _gu Value: CAESEJEVOKaC4wcdwWpXy5Gfjec

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
aid.send.microad.jp
an.yandex.ru
b1sync.zemanta.com
bid.g.doubleclick.net
c1.adform.net
cdn.rtbrain.app
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.bidbrain.app
gen.sendtric.com
googleads.g.doubleclick.net
ib.adnxs.com
mweb.ck.inmobi.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
proxy-us.steganos.com
rtb.adentifi.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
um.simpli.fi
ums.acuityplatform.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.steganos.com
www.temu.com
x.bidswitch.net
13.224.214.64
142.251.35.162
142.251.41.6
151.101.2.49
172.104.105.5
172.253.122.155
172.64.151.101
174.137.133.49
185.167.164.39
194.147.131.26
199.38.167.130
20.237.10.133
20.253.86.149
202.233.84.1
23.199.17.156
2600:1f13:800:7782:4718:9bfc:3344:bf82
2600:1f18:4e9:5a07:ef97:7d:cf8a:b882
2600:9000:25c8:fa00:8:48e:53c0:93a1
2606:4700:20::ac43:4abf
2606:4700:3034::6815:53c
2606:4700::6812:19ad
2606:ae80:1471:17::1080
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2006
2607:f8b0:4006:822::200a
2a02:6b8::90
3.228.157.65
31.220.27.155
34.150.170.96
34.96.105.8
35.208.249.213
35.211.178.172
51.222.39.184
52.54.165.94
68.67.160.132
69.90.254.78
70.42.32.159
74.119.119.150
74.208.242.208
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c7f745eb1cf36cc88fd626fb7e6a51ee3127b0c50d99498841e377692fb5ff
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
086d203a37f0ad4f271aedd70ecf20b05f8321c95bd333d8b1d36556ff880120
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0deabe04f0a817f10734b5427b3904ca7a94554834b56f283ea9246660b119f1
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f786f0c22b2b768c5cd8e7f68d64ea82d290e07fcb11df843ca23ecfb48d698
1388a8cc7fcbed679913732fdff8ee6dcdff8d96781305123c33c6e2baa15666
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14934f12bc78b1d3f861aed423d39d63baa1a412518695f017fb8e296e19c616
162c00636a3468115f1ec9d654bad313f88832ece51480353e996a66f96922a9
17768fa627ba494b9a6660f08c91f89abf2875305a0dd14197911ff770269096
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1a6091b3872cde7ab31b9f305307bf7a0a313c32afc57b968a70a732c0f7a439
1a6463d6789e1caeedeb33dd9eca76f4cc45df9a84317bc76e64a04b9a900eee
1c012f50123281aa8e7f0c217e23e4eecf036f6cb3d68e09ed1398926b9dae37
1f07f26669c1ba0d399e49cc6e52ef50d9527eb8329200cb711cb463483cff92
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
27d3dc69033cf25086e1617f0c384ca78e868b68d01bf0eac887972addfbb721
293c74bf5d1cb7b3504548ee1f252f32c7577d5be6a732d1f8b1ae66865ab260
2c76fb8298f86291bf287540029811cceb58447f5c6154aebfead3c22817c1f7
2e1467831a581bdb5d6f5aa1a1ee5642546f5c5b946ac6b32dbaf6b75941ff55
2e888ba7b574bba12a58ece7defe1491888fe147636c4e53f42c27aa85ba47f2
3161536226ae7304c9253761c41f3236cf579b17efe7031bee7a783f24230457
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3560a550deaf2533ab6005ed7f6205ebe7e6671e820dfda56e2c8abea67f1545
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39f25ca48a0f506a8924971294acb6b3cee5375b1c7dcea6db5e8b1f7876a1e4
3b70807f9f9dc454eac9a09afc51044fb2159ba3ef66cabcadb90bdb4740faf9
3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c037e73d354ce83e5351dbb4c86c64003a68146044ef2e1c0011893e0d0ca69
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
5191e471eaef30e409577a0db03e92f7d28ea6d496fbab166bcd9c62bed6452a
537d7bdc085d85c226d1d9c180e4de28f7450d421b2e7ee3055aad02bddf6357
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58cdc23dd9a7bbe58227e48a147f82e61d766b84483fd99349d1a7b7a2211ebd
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5f11e5c21c34d76c6fd734b7d5c9bd1fbf18bd418d0413defdcd96f4aea31a24
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627a12f33dbe51b1b181000b2e878f9e86c0f2742d7c4883c7b03b47a8e135f5
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
69a273337d278739825c9ea36779221068543c1005f87d8a893660b1011abc75
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
75739866640443463e790b9da519c5919b2061d80834c1b91a67d33ea8b9f4ee
761744cc35ecd53aaba0f8ce484a8e0ec6918789906542923ac3e6c0a3a37b85
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7e33e9cc8f9710cdf66432edcf19ed0d8a257a7c217ce15500fd8fd64c44b5e2
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2beb101d4a2763ab1b5596b791ba2fd06cd286778e35890554c049305f8af4
9dadc1fb9a45a4f0aeb463bea2b0fa404b82b44fc8f1567e4d46b907b96b3b86
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a49707c1698eb42fa8fc4c0b0212abec0160ad20836d231aded032583cb22d5f
ac6f4fbd57e86b520be41757b90bbef63cfdd6d9584ce2e2353e73ad85df0a08
ae26fdf16fdf577c145238f802825fd9fe697bdff6a09960c0ab8894b9d13c8f
ae55db58ecb56df26351945eafa085c15e7b16542c5515a162e49c27b3334019
b04bcc0bc52c897d2a6d5e4dcc09f61ecbc5a1e51607063dd4046299ddab3ac1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5
bfa14e8edd139f81c5ed3ae1fd52f40540412229b1bdb5523bec8989ee3c2eed
c499c2bf1d919fa8b55a22cc1fee13c41f637e6704ac242c3a34574ecbb79174
cc1a1f1928dc29d07aa59110f6818861ee43b9c09209a615edb2219ca4d0ac5b
ce07cf72d439d951f7ffa11f7c0b3d82ba32c8cd6ef679d56fd3dc504a6d3591
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2ce2097eb60f99395fee7dd2e7f8fcb70c1f2b5fa90c530618db760cea28997
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519285cef9088bfc255eb75b9732afd29fcd8d276f816f43476cc11bb50e5d2
e5669e7c481146be8ad297c0c4351a5daea4ab74226f6ee8d32dfab79c8c9706
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e706941d2b2d960607454be5f6c1d5567feee2c8d5398f4f5f5f9c77476add49
eb0c68063f1bc372c96444851ca134452e8fab40255706234100d1d67b885fe4
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee10f11fe1e05e4dbbc22741d233591988784985255955730420db4d550397d9
ee8dde5c2900afdf35dec739f20a375922142b6f2bdc38c2f89ce734a9129da2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f99a4ebaa546d6931a1a6b65cacfc907bd56fcc75c55e890c932b1a58ea05e74
f9c6f3a48458ed918161fc64d41078d54e2f2e4062b7c16a140a86a82382125a
fbbd28acf6b90aa7a60d2b64287e3bc7bd9f461a8537f3de6f1b964dc10aa1a5
fe04505ed4d0e131ab14e07588bb85a4f42ac3979fe44b4484eea7802fbdf39d
fe7857661cbf6386f01bf627f1329e196fb85a3c8d2ce9f2b49336497ed96b1b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.steganos.com Open in urlscan Pro 194.147.131.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

84 %HTTPS

39 %IPv6

39 Domains

48 Subdomains

30 IPs

8 Countries

3788 kBTransfer

6673 kBSize

45 Cookies

7 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.steganos.com Open in urlscan Pro
194.147.131.26 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

84 %
HTTPS

39 %
IPv6

39
Domains

48
Subdomains

30
IPs

8
Countries

3788 kB
Transfer

6673 kB
Size

45
Cookies

186 HTTP transactions
5 data transactions