upw.io Open in urlscan Pro
2606:4700:3037::ac43:c68f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Submission: On January 12 via manual (January 12th 2024, 6:40:46 pm UTC) from GB — Scanned from GB

Summary HTTP 200 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 22 domains to perform 200 HTTP transactions. The main IP is 2606:4700:3037::ac43:c68f, located in United States and belongs to CLOUDFLARENET, US. The main domain is upw.io.
TLS certificate: Issued by GTS CA 1P5 on January 4th 2024. Valid for: 3 months.

This is the only time upw.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:303... 2606:4700:3037::ac43:c68f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	23.45.238.53 23.45.238.53	16625 (AKAMAI-AS) (AKAMAI-AS)
26	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:855f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
12 24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
24	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
5 6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
200	30

33 2606:4700:3037::ac43:c68f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upw.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:855f (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.trustedstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

a.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 12 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	592 KB
38	doubleclick.net 18 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	256 KB
33	upw.io 1 redirects upw.io	261 KB
24	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	398 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	389 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	7 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	3 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2019	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 930	400 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2890	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	exdynsrv.com a.exdynsrv.com — Cisco Umbrella Rank: 50552 syndication.exdynsrv.com — Cisco Umbrella Rank: 49116	37 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	92 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	142 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	trustedstats.com analytics.trustedstats.com	22 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 5050	361 B
200	22

	Domain	Requested by
33	upw.io	1 redirects upw.io static.cloudflareinsights.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net upw.io tpc.googlesyndication.com pagead2.googlesyndication.com
26	pagead2.googlesyndication.com	upw.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
24	www.googleadservices.com	upw.io
24	googleads.g.doubleclick.net	12 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net upw.io
16	s0.2mdn.net	upw.io s0.2mdn.net
12	www.gstatic.com	googleads.g.doubleclick.net
6	ad.doubleclick.net	1 redirects upw.io
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net upw.io
6	fonts.googleapis.com	upw.io googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects upw.io tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.co.uk	upw.io
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	upw.io connect.facebook.net
2	www.googletagmanager.com	upw.io www.googletagmanager.com
1	www.facebook.com	upw.io
1	syndication.exdynsrv.com	a.exdynsrv.com
1	region1.analytics.google.com	www.googletagmanager.com
1	a.exdynsrv.com	upw.io
1	analytics.trustedstats.com	upw.io analytics.trustedstats.com
1	static.cloudflareinsights.com	upw.io
1	s7.addthis.com	upw.io
200	29

This site contains links to these domains. Also see Links.

Domain
yetishare.com
mfscripts.com
www.wikihow.com
www.youtube.com
cookiesandyou.com

Subject Issuer	Validity	Valid
upw.io GTS CA 1P5	`2024-01-04` - `2024-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
trustedstats.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-22` - `2024-01-20`	3 months	crt.sh
1852405956.rsc.cdn77.org R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
exdynsrv.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Frame ID: 4898CAF9F4D041A0DD8FC129912FCB00
Requests: 60 HTTP requests in this frame

Frame: https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: B286A80AD3A5978E57F7E42425F20967
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 941404D21913A0F097C08CF68355C652
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1705084842&rafmt=1&format=700x280&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842530&bpp=2&bdt=509&idt=204&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=4421169109669&frm=20&pv=2&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 10C84513EF1F4CACA183134E78A6BA93
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=420&slotname=2767378426&adk=1190603583&adf=4129017712&pi=t.ma~as.2767378426&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1705084842&rafmt=9&format=700x420&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842532&bpp=1&bdt=511&idt=212&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=700x280&correlator=4421169109669&frm=20&pv=1&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Frame ID: B2F8442B5477B38D23AE06F8B31EF003
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&adk=1812271804&adf=3025194257&lmt=1705084842&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842540&bpp=2&bdt=519&idt=207&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=700x280%2C700x420&nras=1&correlator=4421169109669&frm=20&pv=1&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=213
Frame ID: BF79CA443BC8BF843B1F30154CE8084F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 59D840666B06577B80C84D8B04EAAE82
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F88C098FF80881A088B73E7E4EBFFBCB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C8780425A09C83D556E7F8C857DCAF7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B81A7BD6D2CF2E0B925071D5647E58B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 564A1931CC3DE562803F32397D79233C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNXNITYXEgog9oeEpzWJYlqSqIG9eJ1rXr3QHyu_Pru2HcCTKDTHYk_znkaJTU7heap2QJ8r4bMAPX0rsrP-NtnU4P_PLseFsbOAhNFAwuIZu8bf1Q52_p_TVQXHiAuW0qFpdhonYBV_mlD0Hk66yGdoDKavH91ak-VYuXDgLDel98Nok6E
Frame ID: 4084FC1A204BA40601134591200870EC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 44D57A1E738DB075F812A0976D3F6A75
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o
Frame ID: C1227C5DAA0D3487D9FC03175EB71BE3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 1D7ED0A7BC2EA1F44834795F89A23CDD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 06590C1C73FE47A7F65EC3C084B98F27
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: BBC0C21CD8FC8D7EFC21218C803E0DE6
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 099FC8306F36086DACEBCDA4F0BCB5F9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FFDA84817D471D4B329F1BC6490815BB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: C5910E94E2D74334E7929D57EECCC2CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: E7D53F8B080224513CD04F676A20A027
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
Frame ID: 2B906768D087FBD1470B0D18B539884D
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
Frame ID: 1C889F9BA2216B5F86C1D1EC6ECEBAF4
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47922F568DFEF74C27FFC90E85F87061
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E63077CC6289F28EDAC19D389D7A49E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

vios-adventerprisek9-m.spa.159-3.m6.qcow2 - UPW.IO

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

200
Requests

90 %
HTTPS

69 %
IPv6

22
Domains

29
Subdomains

30
IPs

5
Countries

2416 kB
Transfer

7109 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://yetishare.com/
Title: Yetishare File Upload Script

Search URL Search Domain Scan URL

URL: https://mfscripts.com/
Title: MFScripts

Search URL Search Domain Scan URL

URL: http://www.wikihow.com/Disable-Adblock

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=roWd3cISn2M
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=e3x4M3gfhhM
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LgIQY3uavf8
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://upw.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 71

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci-gFqoehZZ6FMIvb1fAPjpCpyAujyPuKbeS94NnqEcCNtwEQASDr5sZBKApgu4aAgNAKoAGG_fPUA8gBBqgDAcgDAqoE4wFP0ER9URMyPWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2khgv-CbuI9KqF9Yel0j3WG0NPFJgzeOro3xNJctrJvOWsRTVdEuhVZse8tCA6Wwhc4FF8SN9ivpnvi00iNXRIOldxfvFn-jvbMoUYs2NvSrDRdO02nEhIXXwwzEAZcfyO-QLhjUQ09Y6V1Wf09ZgvF-rZtfZnYSS1CsLxlICxCzacMeELPYjshNX2zP3RFd4jIv4m90iVGjAbFc2lnxJH1C_8agVZU1Ks14R2Q1hc2kORhLR-K7J7wqXCt-sAElNaMgNwDiAXSq46LAZIFBAgEGAGSBQQIBRgEoAY3gAe6vME4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqcgQ0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMTn9oLA2IMDmgkwaHR0cHM6Ly9maWxtb3JhLndvbmRlcnNoYXJlLm5ldC9haS1mZWF0dXJlcy5odG1sgAoByAsBogwIKgYKBKy6sQLYEwKIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMTEzMzAyMTMzMDIzNjM1NhgA&sigh=rClJ-o8agQo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216299099997562844539%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22983367302%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225604050912571298897%22}&andc=true

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CJgxxqoehZZ6FMIvb1fAPjpCpyAv9gvnSdIXEuNXaDK4CEAIg6-bGQSgKYLuGgIDQCqABmZit2wPIAQaoAwHIAwKqBOUBT9AxdVQTMT1niqtEl0CVhXvvTJ7SdPcME5s_nIR2SFECeNIRe4tpIYL_gm7iPSqhfWHpdI91htDTxSYM3jq6N8TSXLaybzlrEU1XRLoVWbHvLQgOlsIXOBRfEjfYr6Z74ttIEieeFSyJ_2WzFUydzKGxwzNGUEPf25uiUbYV6kxIzgPCqXyjS0O4FlsNSGmlgFj9yGcLMOm2mG6ZLUott7O4kCsot8an-XtCOmE61DZ9UznXSuRu6x6scNryjSsaV_zalvkmVnMFobi3v_2MP7w_nM7vxfbJivYxqOKGcyhJ-E7D_cAEjszp7eoBiAX-84uZBpIFBAgEGAGSBQQIBRgEoAY3gAfP59IkqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqcgQ0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMTn9oLA2IMDmglIaHR0cHM6Ly9kb3dubG9hZC5kcml2ZXJzdXBwb3J0LmNvbS9scC9nZG4vZmFsY29uP3RpZD1HRE4tQ3VzdG9tLUFmZmluaXR5gAoByAsBogwIKgYKBKy6sQLYEwyIFAbQFQGAFwGyFxwKGggAEhRwdWItMTEzMzAyMTMzMDIzNjM1NhgA&sigh=ULEV74M8334&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227517387958130898878%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215078909010151689649%22}&andc=true

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=CGwJXqoehZZ6FMIvb1fAPjpCpyAvAkJiqddyY__CeEmQQAyDr5sZBKApgu4aAgNAKoAHQk9PAA8gBBqkCTmIqKKxntT6oAwHIAwKqBPkBT9B3H04TMD1niqtEl0CVhXvvTJ7SdPcME5s_nIR2SFECeNIRe4tpIYL_gm7iPSqhfWHpdI91htDTxSYM3jq6N8TSXLaybzlrEU1XRLoVWbHvLQgOlsIXOBRfEjfYr9544ptIHC-eqUQ277Xx3Zd3J2PawzOxv6hCWXRJ1xb6HOhPMxCGVG9nvkA441gNPWOl9VL9PWYLxei2bX2Z2FktQrC4ZSgsQs2jDHBCz2I6ITV8pjrXquKw5bEJYF4lEY5E7jLHBDO99XWNJpVQfPZ2rF0ynAg5fJUvYbMVqOKGdChzjFbzwzsqli6Ve_kR57Y7bvuBG_xGI9DDwATC86Wy0QSIBZ-26vxNkgUECAQYAZIFBAgFGASgBjeAB5jsrD-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCpyBDSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpYxOf2gsDYgwOaCZMBaHR0cHM6Ly93d3cuYm92aXNob21lcy5jby51ay9kZXZlbG9wbWVudHMvY2hlc2hpcmUvYm9sbGluLWdyYW5nZS1tYWNjbGVzZmllbGQ_dXRtX3NvdXJjZT1wcm9zcGVjdGdlbmVyYXRvciZ1dG1fbWVkaXVtPWFkMmRpZ2l0YWwmdXRtX2NhbXBhaWduPU5NQUNTgAoByAsBogwIKgYKBKy6sQLYEwqIFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMTEzMzAyMTMzMDIzNjM1NhgA&sigh=K7HSO6zOxo8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228324097679848364598%22,%22debug_reporting%22:true,%22destination%22:%22https://bovishomes.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940886480%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225884789250632279537%22}&andc=true

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=CGum5qoehZZ6FMIvb1fAPjpCpyAu9uIWUdeOKweeTEmQQBCDr5sZBKApgu4aAgNAKoAHdte2FA8gBBqkCH26LLStmsj6oAwHIAwKqBOoBT9AUDlcTNz1niqtEl0CVhXvvTJ7SdPcME5s_nIR2SFECeNIRe4tpIYL_gm7iPSqhfWHpdI91htDTxSYM3jq6N8TSXLaybzlrEU1XRLoVWbHvLQgOlsIXOBRfEjfYr9544ptIHC-eqUQ2qcWxpJV3J2PawzOxv6hCWXRJ1xb6HOhPMxCGVG9nvkA441gNPWOl9VL9PWYLxei2bX2Z2FktQrC4ZSgsQs2jDHBCz2I6ITV8pjrXquKw5bFYDWDa3kstzfb43qOE3v_IeLyjbQRJqGO2s-Zn1AkASQMHYV0E1h-jWO1B9MXzT_-cwASLpJmazQSIBbbBu_FNkgUECAQYAZIFBAgFGASgBjeAB9m7kb8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqcgQ0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMTn9oLA2IMDmgmaAWh0dHBzOi8vd3d3LnByb2R1Y3RzdXAuY29tL2d1aWRlcy9mb3JyZXN0ZXItd2F2ZS1waW0tcTQtMjAyMy1yZXBvcnQvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cGFpZCZ1dG1fY2FtcGFpZ249MjAyMy1mb3JyZXN0ZXItd2F2ZS1waW0tcTQtMjAyMy1yZXBvcnSACgHICwGiDAgqBgoErLqxAtgTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0xMTMzMDIxMzMwMjM2MzU2GAA&sigh=Dv-t8IpjO-A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211322334193132735094%22,%22debug_reporting%22:true,%22destination%22:%22https://productsup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22817584861%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225057498377838177953%22}&andc=true

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=C_TpBqoehZZ6FMIvb1fAPjpCpyAva-Mv2dJ7F4Jf7Ed65oMyeJhAFIOvmxkEoCmC7hoCA0AqgAaikguEDyAEGqQIfbostK2ayPqgDAcgDAqoE6QFP0HJ-VBM2PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2khgv-CbuI9KqF9Yel0j3WG0NPFJgzeOro3xNJctrJvOWsRTVdEuhVZse8tCA6Wwhc4FF8SN9iv3njim0gcL563RDav09Pcl3cnY9rDM7G_qEJZdEnXFvoc6E8zEIZUb2e-QDjjWA09Y6X1Uv09ZgvF6LZtfZnYWS1CsLhlKCxCzaMMcELPYjohNXymOteq4rDlsVkNSXsRjiXN1rkEM631N8oYnFB8wkfkYjK0eOn_KwBFF9lvEQVSEoFY41ckx5NvDMAEgZW134wEiAWWsLy6RJIFBAgEGAGSBQQIBRgEoAY3gAfA2_0eqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqcgQ0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMTn9oLA2IMDmgm7AWh0dHBzOi8vd3d3Lm1pcmFrbC5jb20vcmVzb3VyY2VzLzExLWVzc2VudGlhbC1iZXN0LXByYWN0aWNlcy1mcm9tLWxlYWRpbmctZW50ZXJwcmlzZS1tYXJrZXRwbGFjZXM_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPTE4MzcyODQ1OTY4JnV0bV90ZXJtPSZ1dG1fY29udGVudD0mYWRncm91cD2ACgHICwGiDAgqBgoErLqxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xMTMzMDIxMzMwMjM2MzU2GAA&sigh=bwJM5346GZg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211892236508235203370%22,%22debug_reporting%22:true,%22destination%22:%22https://mirakl.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221008767528%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227480540803513703281%22}&andc=true

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=CXT6oqoehZZ6FMIvb1fAPjpCpyAvVwueOdKar4MrBEWQQBiDr5sZBKApgu4aAgNAKoAHVxKaLA8gBBqkCmxPUIGiajT6oAwHIAwKqBOgBT9B0H14TNT1niqtEl0CVhXvvTJ7SdPcME5s_nIR2SFECeNIRe4tpIYL_gm7iPSqhfWHpdI91htDTxSYM3jq6N8TSXLaybzlrEU1XRLoVWbHvLQgOlsIXOBRfEjfYr9544ptIHC-eqUQ20O-C2pd3J2PawzOxv6hCWXRJ1xb6HOhPMxCGVG9nvkA441gNPWOl9VL9PWYLxei2bX2Z2FktQrC4ZSgsQs2jDHBCz2I6ITV8pjrXquKw5bFRHSoREY4lzda5BDOs9R3SR9dQfNN7pGkytMfB3SsMUe3ZbFCoXzCBVvWYNaqiucAEi7K2yqUEiAWNupuiQJIFBAgEGAGSBQQIBRgEoAY3gAeTu9l0qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqcgQ0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMTn9oLA2IMDmglEaHR0cHM6Ly93YXlkZXYuY28vZW5naW5lZXJpbmctbWFuYWdlcnMtaGFuZGJvb2svP2t3PSZjcG49MTcyNTUwOTcyODCACgHICwGiDAgqBgoErLqxAtgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTMzMDIxMzMwMjM2MzU2GAA&sigh=gQd2EQ2XBfE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215610840827333796020%22,%22debug_reporting%22:true,%22destination%22:%22https://waydev.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22829006421%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229485319959673306945%22}&andc=true

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=C1fjAqoehZZ6FMIvb1fAPjpCpyAvTrrr2dJfEhLufEpeMi_GnDhAHIOvmxkEoCmC7hoCA0AqgAdHIt7ApyAEGqQIfbostK2ayPqgDAcgDAqoE6gFP0D9YVBM0PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2khgv-CbuI9KqF9Yel0j3WG0NPFJgzeOro3xNJctrJvOWsRTVdEuhVZse8tCA6Wwhc4FF8SN9iv3njim0gcL563RDa4_9G_l3cnY9rDM7G_qEJZdEnXFvoc6E8zEIZUb2e-QDjjWA09Y6X1Uv09ZgvF6LZtfZnYWS1CsLhlKCxCzaMMcELPYjohNXymOteq4rDlsUR1Wd_YSy3N9tjfo4Te_9d8kbFRBBqaZpmz5lXXCQBJAwcybwH5H6NY7UH02vdi7aDABLbwy_acBIgFv82Sy0mSBQQIBBgBkgUECAUYBKAGN4AH0YCIkASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCpyBDSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpYxOf2gsDYgwOaCSlodHRwczovL3d3dy5zZWNvbmRtYW51YWwuY29tL3JlZ2lzdHJhdGlvboAKAcgLAaIMCCoGCgSsurEC2BML0BUBmBYBgBcBshccChoIABIUcHViLTExMzMwMjEzMzAyMzYzNTYYAA&sigh=w4MCbAdhom8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211220392387429350884%22,%22debug_reporting%22:true,%22destination%22:%22https://secondmanual.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211107427409%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213351110745989371393%22}&andc=true

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=CxPWkqoehZZ6FMIvb1fAPjpCpyAvT4se-dPTlt5-wEqKUxJKNDhAIIOvmxkEoCmC7hoCA0AqgAa7M1f4DyAEGqAMByAMCqgTmAU_QL05UEzs9Z4qrRJdAlYV770ye0nT3DBObP5yEdkhRAnjSEXuLaSGC_4Ju4j0qoX1h6XSPdYbQ08UmDN46ujfE0ly2sm85axFNV0S6FVmx7y0IDpbCFzgUXxI32K_eeOKbSBwvnrdENprToARlnOWgMChZMFQ127afz1X5EbhIvcUTjkw71kjDuONY-MtgJXxbCMtlC8fqQ5t-mchJ2LSzuGUo2bTKpwR4tzlhOiE1iVA41qrjUQNbbtcfbb3GMo1s8rwxAS9k1btluOSJSjnJFL7O49EzxtGC96TAhn0-md831C0DwASCtrfOqwSIBY-FhNhMkgUECAQYAZIFBAgFGASgBjeAB7qzqgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCpyBDSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpYxOf2gsDYgwOaCbgBaHR0cHM6Ly93d3cua2VudGljby5jb20vZGlzY292ZXIvcmVzb3VyY2VzL2hvdy10by1jaG9vc2UteW91ci1uZXh0LWNtcz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249YWxsX2Vib29rcyZ1dG1fdHlwZT1wZXJmb3JtYW5jZV9tYXgmdXRtX2F1ZGllbmNlPWV1JnV0bV90ZXJtPWVib29rc4AKAcgLAaIMCCoGCgSsurEC2BMM0BUBgBcBshccChoIABIUcHViLTExMzMwMjEzMzAyMzYzNTYYAA&sigh=9DCuqDQYFSA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225896045087429215399%22,%22debug_reporting%22:true,%22destination%22:%22https://kentico.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070949934%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213694720303071547521%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=ClnP6qoehZZ6FMIvb1fAPjpCpyAvTg7qZdb73mK6gEsCNtwEQCSDr5sZBKApgu4aAgNAKoAHd8KrAKsgBBqgDAcgDAqoE5AFP0Gp4VxM6PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2khgv-CbuI9KqF9Yel0j3WG0NPFJgzeOro3xNJctrJvOWsRTVdEuhVZse8tCA6Wwhc4FF8SN9ivpnvi00j8ByxlltxfvFn-jvbMoUYs2NvSrDRdO02nEhIXXwwzEAZcfyO-QLhjUQ09Y6V1Wf09ZgvF-rZtfZnYSS1CsLxlICxCzacMeELPYjshNX2zP00iBGIAeoG90mWcHC_u_jxJxE7b_9x9xtxTLHQewx2cwvsV96PrID2K4ohl_F6tJWHABLzEpP3XBIgF3vKAtk2SBQQIBBgBkgUECAUYBKAGN4AH3aj7nwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCpyBDSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpYxOf2gsDYgwOaCYMBaHR0cHM6Ly9wZGZpeGVycy5jb20vZG93bmxvYWRQYWdlLmh0bWw_Y2FtcGFpZ25faWQ9MjA3ODI3OTEwMDYmYWRncm91cF9pZD0xNjEwNTU1ODA3MzImcGxhY2VtZW50X2lkPXVwdy5pbyZjcmVhdGl2ZV9pZD02ODE1MTk4ODEyMTOACgHICwGiDAgqBgoErLqxAtgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTMzMDIxMzMwMjM2MzU2GAA&sigh=iHTQePYB7LA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235927842162435809%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221377452131993037345%22}&andc=true

Request Chain 80

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ5hBqoehZZ6FMIvb1fAPjpCpyAug7aqTdbTaht7GEmQQCiDr5sZBKApgu4aAgNAKoAGMqfrCAcgBBqgDAcgDAqoE6QFP0EIkVBM5PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2khgv-CbuI9KqF9Yel0j3WG0NPFJgzeOro3xNJctrJvOWsRTVdEuhVZse8tCA6Wwhc4FF8SN9iv3njim0gcL56pRDaSorPDl3cnY9rDM7G_qEJZdEnXFvoc6E8zEIZUb2e-QDjjWA09Y6X1Uv09ZgvF6LZtfZnYWS1CsLhlKCxCzaMMcELPYjohNXymOteq4rDlsVZ-b_TZSy3N9vjeo4Tf_8pP59RTBCXXBaCz5r7_KwBFF8FkYCxSEoFY41dr2c4rDcAE4OywmMYEiAWgpp-zTZIFBAgEGAGSBQQIBRgEoAY3gAe1kv7hBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKnIENIIIQiA4YAQEAEYHzICqgI6BIBAgEBIvf3BOljE5_aCwNiDA5oJxwFodHRwczovL3VrLmluZGVlZC5jb20vaGlyZS9lYm9vay10aGUtYmV0dGVyLXdvcmstcGxheWJvb2s_a3c9JnNpZD1nYl90bXBfdWNfZnV0dXJlLW9mLXdvcmstZnkyMy1nbG9iYWxfc2NfYmV0dGVyLXdvcmstZWJvb2tfcTMtMjAyM190bl9lY212Y19jaF9iYW4tZ29vZ2xlLWRpc3BsYXlfYXVfbXVsdGktdG9waWNfcHJfZ3RfY3JfX3RhX19wbF8ma3c9gAoByAsBogwIKgYKBKy6sQLYEwqIFALQFQGAFwGyFxwKGggAEhRwdWItMTEzMzAyMTMzMDIzNjM1NhgA&sigh=cFGcPeC_3X8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_ic6Dq8pIoKkW3i4ctPN2IMlSjjiehgLJ2t3MZbsN7AWdsmLxZxOpMkkn6TPclhwlUaQdKcZi5Xy1jqEVC0sDXNeN4_JM3dxhEW8YAQ&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213423291963833896106%22,%22debug_reporting%22:true,%22destination%22:%22https://indeed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22408851596%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2232827631308816993%22}&andc=true

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://googleads.g.doubleclick.net/pagead/adview?ai=C8VSAqoehZaelMKrF1fAProKO-AH737Sjdcm12d6yErGO_MIDEAEg6-bGQWC7hoCA0AqgAffim7QoyAECqAMByAPJBKoE5wFP0DpRpvfpTQWwrdWMMWbMRJXLZAPdv3LJKmXU-KxqBoFSuspYM0G1p8mv-lhv4s64OSSy7RsKXdjfC8DtvUmBWvOarcWm1FqMg8KyduNR7nwIiETp8enXimw_RcIGeWY6oBlG0F7IzW08hI6_XEVASUn73UbG485803wMDKk2M1iJ5KBSakjQE81S3mlChlU0fdrFklkVFO3a5VPD1QLWhW_fwvy65zr-Uh4NjvJIQyNDqHbEPk6ziLaeHmUiCr4Fq4nS-BFV01YbVdr8V7iZPsfHsoAD6sPnE9Fsqwjh2cfJ5Y1UZWjABM3E16S_BIgFp4fs-U2SBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCFg7cB0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WMT89oLA2IMDmgk-aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lL2VuZy8_Y2FtcGFpZ249MjA5MjUwNTU5MTGACgHICwGiDAgqBgoErLqxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMTMzMDIxMzMwMjM2MzU2GAA&sigh=djWlGwT3YRo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_1qXwbKEO5uu39Bi0KB8ui8L2IqpCqmc5tMkSobjuMwk9qwaMuvxjN10vt5NYt0b6DPQppHrFjrxvnn2plFeUBM3y6B8N3Lb7LBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213602064292039348763%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214601209625165029745%22}&andc=true

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1&C=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaGHrIsOYQeIsj6OKbo3OwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEApWJ2fI0QoATnkAnfjjBkY&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4NjAwMjU3Nzc2NjY3MjY1NQ%3D%3D

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJD_BVKqbENj46zuQ-8p03A&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENiA5yxmdlZdnEakg07-jy4&google_cver=1

Request Chain 164

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmtbqoehZbPaMOS71fAP9aK44AyorO2Zdd3overdEZyMspSPDBABIOvmxkFgu4aAgNAKoAHS-MviA8gBCagDAcgDywSqBO8BT9DBd0HMd-wyvG2qSvatr0DMDo5oKoIi0wheYHarBeRgxbu8ZrUfpCDs_ci7DylrLjNd25wU-j3_hNwVsrQQMrXPXVqAaen2iDi0JAhQI9vclSZLJIeubqWwa7ZIB5IinKjiXparuc2ecHc2tz41zHMKlrrKuKp23NuTmMdclU_MG1D6JcxgzRfPrzP4SHzGp0MkdJ7ewJKJ9ocMFsJFKIxEKCOxBvuH3ZO_8PPLV1MJcdlJlU_3XYMxGkUkkogGkpba_FDsFg-Sb8EhOO5LnBZh2aMR5a3T9hFMFNA2xEduqqUTcn2Tb4-jxtWzFUnABNXc1oeIAogF_4CBsgegBi6AB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCutQvSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpY-LH3gsDYgwOaCS1odHRwczovL3d3dy5zcXVhcmVzcGFjZS5jb20vd2Vic2l0ZS1tYXJrZXRpbmeACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMTEzMzAyMTMzMDIzNjM1NhgA&sigh=cB-8LTBoUuo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_Tj8Ry_T25ET1vJBfmURILRSGlPBbBw6C8Sg_QfSKOdaExNQZkYd0FcCwhuS3ZYmPweXSWZPY53Tk6B4veeozlOAsUK6vGDURzNMYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211208598904742341624%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215270924065197908561%22}&andc=true

Request Chain 165

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_pre=CKOT74PA2IMDFVz0EQgdQ5cEXw;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

200 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vios-adventerprisek9-m.spa.159-3.m6.qcow2 Show response
upw.io/4El/ 33 KB
9 KB 295ms
208ms Document
text/html 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33bc670010d16d33508963e7da17cae4bd5d97da674f47cceb5cd1740dbd397b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache
cf-cache-status: DYNAMIC
cf-ray: 844787856ff403bb-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjLpbCBtIsz0BrOrDde7Z%2F3JUvU8W79Fw51T1e37bvUtpWHyrI70FBFAqKrqXuyDTAtZKp39jWjHNhkXHJdrJQDm59hPD7jMHWZZlcY5NXajOjnRotY0sgHnO92mpYe%2F7AikSz8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
upw.io/themes/spirit/assets/frontend/css/ 75 KB
13 KB 140ms
138ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/bootstrap.min.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-12c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jtgTDfdyZqv8ixr%2BBJuGeNxig74twW6HdcS9%2FNx%2BySebVj0ZUQVZX%2FWWDBjOpxK32is8RVMOzZttZV9b%2FWiTouiKmZrsMYE%2Fqxgh6D0PMirUySo9Z%2F0Ud%2BstcTJ0PmiNnIIwXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9aa03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 stack-interface.css
upw.io/themes/spirit/assets/frontend/css/ 2 KB
780 B 186ms
184ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3160
etag: W/"5f8bebc0-c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDFXbYidLDw7YzPWmo4zIV58Aqb7RKvCw2ZHPkCXrDTt%2F68El5pmHxQ%2Fpd2nx0yx%2B7XNHBk49hfTYkYBuoukS9q2eo%2BjEGz1MmmfSSonfVrS1wWJcnIxyMO3wbyGyNV0beL3VeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9ab03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 socicon.css
upw.io/themes/spirit/assets/frontend/css/ 10 KB
2 KB 142ms
140ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/socicon.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-266e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0DknjS0QokXGkVYIMY34x84bp5QifRYsAuYSR6afdTYz9dk8rFpE6pZWQ9VdY7jcnFhyjYSZ0Ajrw48KraJGNGUZaL5o3jEZsd4Llyph9FS6No5hyIwCe73jbfbYXRuvQi4AQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9ae03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 lightbox.min.css
upw.io/themes/spirit/assets/frontend/css/ 4 KB
1 KB 139ms
137ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/lightbox.min.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-f31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBXNt9ABgd%2BZwKbvDr4tENf%2B7ARZzh1r58Tskh%2FetSY7B68rz1kEvDbLI3QifoC%2BxxnxsJovey072Y7QgxM7NXG3yWdO0fPGCbE7jMv5iucIKa0qQKMgaHbvd7dDm1tnhR1IcRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9af03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 flickity.css
upw.io/themes/spirit/assets/frontend/css/ 2 KB
907 B 161ms
159ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/flickity.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2521
etag: W/"5f8bebc0-9d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRdS2KeFUDVecygDI6NZU99Qs%2Ftc4CE42NssJGL4jPe5gBotlC14SEogLme90o63MCjPB%2FdJbRs%2FXdNunJMuKAigUcQpYUgU0ej1ZZbIB5GF8%2FGgYdY2FaQH7eXODU40y0S4RUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9b103bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 iconsmind.css
upw.io/themes/spirit/assets/frontend/css/ 100 KB
15 KB 206ms
205ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/iconsmind.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-19147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFtwMKwxQ9Vu42z71uy6AtU2S1yQ7BG6brxQWfDCesDU2w0x5G7dKcHrzLlJXkl%2F9m8rtoxpRKbioWvr9AroeySVOigdgxxQcv4N4u%2BO%2BgPVUDze1pf6W53fjov1rmj0ljaW6vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786b9b203bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.steps.css
upw.io/themes/spirit/assets/frontend/css/ 4 KB
1 KB 151ms
149ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/jquery.steps.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6019
etag: W/"5f8bebc0-1783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MN24QnYGrh%2FvRf5lOvqo3YKeaVdvqVeKSdKTxJ5yESRAoL9TjDpLF0feKl2WvmVsiuDpSfIxcWf%2BwPr2dshir%2F4zi%2FBsO4%2FK9xRGlNNWCgE2iXBAvk4CtXzeb642QhMpJKFkJZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786c9b303bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookiealert.css
upw.io/themes/spirit/assets/frontend/css/ 12 KB
9 KB 163ms
161ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/cookiealert.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12369
etag: W/"5f8bebc0-3051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQgznsE9c6WZWBNtTM6oA4wTjKQM5OwrXj7dXFaihT8stxco9YWd9vuUFnQKyGZExhWiC%2BzwCM4i0WyvM%2B%2F4t66JfK%2BpVzf9KTyp6gvcPa3YtvQAGGTBLJdJfQFv%2FOzpRMgIJU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786c9b503bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 theme.css
upw.io/themes/spirit/assets/frontend/css/ 158 KB
28 KB 146ms
144ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/theme.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e5770d873b4f9e048c7b3ebd66b0884ce02799cbf4e8d5036386e55e707e57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=206456
etag: W/"5f8bebc0-32678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcX0VudljLQQmtQElcvS0JsG6YsHmXxn9AlMWuPMzB1HNDPSzwFYipbX%2FXLqpcTM1b2sWuhEzF4qQ%2FSa2DK%2FfChgzV1%2FYyGMy4lmwBOWkUGwRTLOH%2FsWLRCeGGzfyydpAWQnSTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786c9b603bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 tangerine.css
upw.io/themes/spirit/assets/frontend/css/theme/ 158 KB
28 KB 170ms
168ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/theme/tangerine.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e7fa543586285f42f9ec7902918d70535973c4ac80a4389b17dcf3413c92418

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=206493
etag: W/"5f8bebc0-3269d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9rq2lGzToqR0cn9TRcebwVme9NoWD777SNXuHa77%2FaVpqc0lR7njWG8mO2E%2BBK4j8lgDkQ8Knn9POL8Wh90lzlrnweOAFJILFx6pdEUAxKkQ0owawmuA4ltpR3%2BjcOmgd247Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786c9b903bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
upw.io/themes/spirit/assets/frontend/css/ 58 KB
13 KB 192ms
191ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/font-awesome.min.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-e6ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLOKyKs1dvZrE%2F7kj%2F%2FoV8nYjkqJZhs6sElWX2%2BtO0BY804sleIMjLGRKv%2FKBYP9tXJTEYN%2BZm6aorWYx3p9bsN%2BFxUUJt9TJlIyzTFsuxR3DZnX%2FBbLbbsxz3L988knKWHE%2B7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786e9ee03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.css
upw.io/themes/spirit/assets/frontend/css/ 7 KB
2 KB 157ms
156ms Stylesheet
text/css 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/css/custom.css
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Feb 2021 17:28:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8936
etag: W/"601c2ed2-22e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9pFiDak5ZNJ5CU%2FjQGj91GEquMuO7AHuELLbMQeXYCuMrPmCYq4mBz5X1GAzZshBdmmo8Kzr3eE4%2Feq412y%2FMHcMPvossWgCIRxMfVhahofUoBtj9bxWLhnjqpiqlU97kQQS2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84478786e9ef03bb-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 36 KB
2 KB 146ms
55ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3039c879c1c6517cb0e366ee5e1f189bd947a6adbc588609ddd26809ed65d6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 18:40:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 142ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 18:40:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 373ms
59ms Script
text/javascript 23.45.238.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-53.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 18:40:42 GMT
server: Oracle API Gateway
opc-request-id: /6134B1AEC68277C4DC78F8DF9C72128C/72227EEBDEA085F1603A1CD619DE26B2
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 logo_inverse.png
upw.io/cache/themes/spirit/ 4 KB
4 KB 177ms
176ms Image
image/png 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upw.io/cache/themes/spirit/logo_inverse.png
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Apr 2021 11:59:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "607041b5-e35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPSWk3pFod1HnoSGbiFOlRJH2HsAjv2AuCw52tYCrGSSoNzbU7nD1NVVCzw%2Fv4XbPCnb5sk44LJR5NiIFng8900hnPhgxQ8s3Xy%2FWjNzj3rxsAd%2FgsTmZO%2Bp39YDFYv3DfeuyrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84478786e9f003bb-LHR
alt-svc: h3=":443"; ma=86400
content-length: 3637

GET
H2 200 logo.png
upw.io/cache/themes/spirit/ 4 KB
4 KB 187ms
187ms Image
image/png 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upw.io/cache/themes/spirit/logo.png
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Apr 2021 11:59:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "607041b5-e35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POS3zumEyiviQqIBl10t0YdCIJ8jalK8jWtWhNs8lR2ETMbJovrFN9f38OrXviK4nkZO4TiWJ1AzzL3OptQIKh%2FXxUeJui7tKec2YClUs%2FxOp2nE4yKiMJDu2gi0FUUogW1ld1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84478786e9f203bb-LHR
alt-svc: h3=":443"; ma=86400
content-length: 3637

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 227ms
138ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c41af7e4dfb420a78275fdb8dead8856efd702eee5e441889e29c164658225f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51547
x-xss-protection: 0
server: cafe
etag: 13887457567459650100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H3 200 jquery-3.1.1.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 85 KB
31 KB 134ms
134ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-152b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN1TOvsCwRX%2BBmE7eE382EbZvdOBx7f5Ye8cmVfKOObkt3vZqbzLk8UVFL%2BvhPkzk29c2FPOHp6JTRjfQ%2F0f0LDdOZk4rbUOvZu%2FX5csDkTsvadep5gyhrFP8Un4%2BkV0kiddlaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 84478787d994dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 jquery.dataTables.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 68 KB
20 KB 153ms
152ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-1107a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKmA2O9t%2FTc26WJB9ZQJqXoB%2FRYl%2FvTuAkzEkLLDNRRuvq2yzqojYfl%2FVpNnNoU945sV9Vw4Xt3vqPKxl2ZQMKRyPXg%2BvPL3fnKg%2BhktGQZe4cZnxh0YJLwqs2LZpIzcw48jpQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 84478787f9addd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 flickity.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 53 KB
14 KB 194ms
194ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/flickity.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-d271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNlt1cZVZcaVCRmCW5oGIcBu0hS1YVbsC1rFGAsN3vtfACqtjI2NcpZauZfQaJLiGAVu3CdktkLQNIcfGE43I9%2B3IO%2Frf%2FQgOuEav7EIWCQP8EVSIe%2Bvfg9uII4czOxFlN78UW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809c5dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 typed.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 4 KB
2 KB 166ms
164ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/typed.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-f6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U%2FDA6pDrqXxE12Uxr9lK3rfW6J0QpS9gInN%2FWAfJH34nNRnesEU9p5UufATKMVYHsoLwEWxCUrLgiZ8mJ5vdVDsv8MURW7OqwJ579cD8Tz7NLzkNs2z48Mlp5R60lOQKPwZ0t8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809c8dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 datepicker.js Show response
upw.io/themes/spirit/assets/frontend/js/ 20 KB
8 KB 166ms
165ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/datepicker.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=20975
etag: W/"5f8bebc0-51ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sdq4nEdfDCZNoqeVzkE2D5zpBqEy6UgRORd5ikwrsRJP%2B0bqZjliLqUi1YAhatdV9GhOp2xdrI%2FGjm8w1Yms5xoiU3R1ZMRai2sZp0ZQr8SPR5ZcdAymU9wEwTa4hPvmWOOdR1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809c9dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 granim.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 10 KB
3 KB 167ms
166ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/granim.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-298b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoyzQyfdmh6aC%2BB8KA6itG%2B8RWVZO%2BBe%2BOI8c5Y5xSURbnu8UnqLoTZf2bJ3eqhOgOdpYBzguBpwJLdwBEMfLXOt%2BvA1CC3bVd%2FHj%2B9zHR95myo%2FW%2FgGxK32Evq3hryBJVjX98U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809cadd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 jquery.steps.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 14 KB
5 KB 168ms
167ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/jquery.steps.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-3626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOQUIhpeODs5rOc7IuIBFb8YM24c7V2V4tUDOqm3eUhIOQvbZ23WTOKPHKJJSzwLZRFo49BNnyDGr0xNj9K6DkPkdUg2wQMvuvVVP1W%2Bq9uzNcg2l0Cxd2FdAfUS2rSkiIj2L7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809cbdd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 countdown.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 5 KB
3 KB 169ms
167ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/countdown.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-14f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDxLl7V1AzcgqGugiPb%2BoWIXRuJPMJj%2F6La2wwMUEQsxrUBc5EoaLfYY8PMQZmpTMq3u%2FyyBxa%2FZCZQf2brEcxT8oGPPzPxgPHl6lb5tgo3%2BVzHDREHK4PcZmcJMKTJgQBaMO3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809cddd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 smooth-scroll.min.js Show response
upw.io/themes/spirit/assets/frontend/js/ 6 KB
3 KB 195ms
193ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/smooth-scroll.min.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f8bebc0-178c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCJCHPqUE9WBkErF5HKq4IQ%2BHl476N%2Fb%2BXJ6oSLIdBlevkIVhAA5Askgnmz%2Fg8j2%2BTx5J5GBEoIpaYiBqB7707JHnW%2BbVQFxPXu7t3HXzstJJIFQ%2FTb51%2BaIsdx7%2FIXqORmlaqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809cedd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 scripts.js Show response
upw.io/themes/spirit/assets/frontend/js/ 65 KB
17 KB 169ms
168ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/scripts.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=114862
etag: W/"5f8bebc0-1c0ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqcKSeQp6GpdierIij8%2BdwgO9NOmLsVQhbD1T0D9Y%2F45zIMxnHO%2FZwoooYvpddux4IjMpff2SohZDi25ubjha3eQyis6E3dqinVtCjr%2BzZ8OveNN%2BDxuo5jH3JxBEuMPkZSt%2FX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809cfdd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H3 200 adverts.js Show response
upw.io/js/ 151 B
582 B 195ms
194ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/js/adverts.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DY9vNnbnh6cQfXPaWWgaw4OPWP2QmJpufv0ISwcM4PXjBBzjsMK6w6KQt8txsCdj4ZUa%2FlTnhA3hovZfswR3HySsYbet1NVVL1DKiP6IG6BKRc39dyOJh4aoQIoDooS2hx46eO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, no-cache
cf-ray: 8447878809d1dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 primary.jpg
upw.io/themes/spirit/assets/frontend/img/adblock/ 13 KB
13 KB 197ms
196ms Image
image/jpeg 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upw.io/themes/spirit/assets/frontend/img/adblock/primary.jpg
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f8bebc0-3209"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3ePcowYQqNl0J4PW8myJ9bk76xSLYQcfhA2ak4yWVpjnZOEMWgj7naarauvSzYU5TgCCtrZ9Ix9toOMWBz8398R2sbAvXbbdUfMaWCwU4FdK%2BcDIrize9UgiSjHFsxIwVy%2BjaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8447878809d2dd88-LHR
alt-svc: h3=":443"; ma=86400
content-length: 12809
priority: u=2,i

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 149ms
57ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125798141-1

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

942c6c5d7383fe4edf48af78c1dd9cc7c417c781e14a0b7fec809810965ecb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H3 200 cookiealert.js Show response
upw.io/themes/spirit/assets/frontend/js/ 935 B
955 B 196ms
195ms Script
application/javascript 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/js/cookiealert.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1836
etag: W/"5f8bebc0-72c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLlQeAqX1vPfZivhmV3PAkI28x5InfVucjK2P9QVT04Qf6Lyhf5oi5%2BYZ4v9gXX%2B7NQ%2Ff4WnnAGDVCF9690W5qbln09TOqrgXa8o9Dnbh6JcFak6JC53JcsRkfpUUZdY3HdMmt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8447878809d3dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=2,i=?0

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 149ms
85ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://upw.io/
Origin: https://upw.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8447878879ab4885-LHR

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 132ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upw.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:05:18 GMT
x-content-type-options: nosniff
age: 23724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 12:05:18 GMT

GET
H3 200 stack-interface.woff2
upw.io/themes/spirit/assets/frontend/fonts/ 4 KB
5 KB 184ms
184ms Font
font/woff2 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
Requested by: Host: upw.io
URL: https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Request headers

Referer: https://upw.io/themes/spirit/assets/frontend/css/stack-interface.css
Origin: https://upw.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 18 Oct 2020 07:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f8bebc0-10c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v56cPjYwkJS7gWWDj6S9QvNQJf1ywOXMFAeLlhu35f%2BTFHHwBonFfKa%2B982UC2oZDKaw2su2ZziaG5%2FiULe6wBPYWDpwK3sIT5Z9I9orvGsqmeMqyuk9Wdyq3u9NmDXESgz%2BzXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 8447878819d8dd88-LHR
alt-svc: h3=":443"; ma=86400
content-length: 4292
priority: u=0,i=?0

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 19 KB
19 KB 190ms
103ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upw.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:51:22 GMT
x-content-type-options: nosniff
age: 294560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19280
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:51:22 GMT

GET
H2 200 piwik.js Show response
analytics.trustedstats.com/ 65 KB
22 KB 204ms
119ms Script
application/javascript 2606:4700:3030::ac43:855f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.trustedstats.com/piwik.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:855f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=66607
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 06 Jan 2024 07:45:37 GMT
server: cloudflare
etag: W/"de402a6-1042f-60e422686903b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FsaOcPE%2BjJnvk39fiMdZE1TTX6%2F%2BY7nrFiDEM2%2BIIN7zQuLGWpeiyTmnXDXq5EjjCj8A5f%2Bz%2FPL4YJt8PPnIFkHCNqA8WglpDDPv5BBECySSdt02cpBxAEODensmj8mLEa5GXZaX7lOhak3dgAlPT8ren08%2Bwnlww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 84478789ec5a71fa-LHR

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 122ms
41ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 18:40:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Xn0sNkyw572CpUswC+kfVe+3xvNu62UhbvLtdudf3asM/uN2Lbs3PmOD05QytwNh8VhiSVZEN6LZJ+pa+g7XGA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 popunder1000.js Show response
a.exdynsrv.com/ 97 KB
37 KB 151ms
43ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exdynsrv.com/popunder1000.js
Requested by: Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c017f0c3dc847b0c447f1b235f901f29cfb28d054edb6d94ebf5b837e01add11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: gzip
x-age-lb: 7890
x-77-cache: HIT
x-accel-date: 1705076952
x-77-nzt: EgwBnJIhiAH30h4AAAwBJRPCLgH37wIAAA
x-accel-expires: @1705087743
x-77-age: 8641
x-cache-lb: HIT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"c24dbe58d3213f7ab3dd73fe718"
x-77-nzt-ray: f6587a1dd217e5c6aa87a165d31e7422
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Thu, 11 Jan 2024 14:53:16 GMT

GET
H3

200

main.js Show response
upw.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame B286
Redirect Chain

https://upw.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

36ms
36ms

Script
application/javascript

2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upw.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b444b7187238845b5167ee66947acc42a1b602023f32c9d39bf09bcabf3e708c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS44OnfkMoPfY79Va8uY34Yk05rLjfGgW4PgpGGMUJy59jSJzi6%2Fa4lcpK6jhqEgFMhXB2SxxFhxgyrpqJLHSs3HmBo%2FyremU6KFLecUNGw4b7FYa1h0vi8p7Sg8U0eeEcn34ug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84478789cc16dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Fri, 12 Jan 2024 18:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w67tw3zHHfg235cozVBR6i7dbbkhgfy0joxAj9ocFtb%2FopInVyr26xQ6iC6zF7DOsBws%2BnWiJpxazDA%2B3%2F187AtgL3CsOX8gL%2Fv3wM2uoYZKQIkNmxiFtwePMykkepct4%2FczGbs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 844787898bbbdd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T4291L0VVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125798141-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59bb97e54ebf701e377333b782461bc864b36f2e500d3cd3e96ebc2eb54f1c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
43ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125798141-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 17:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jan 2024 19:22:25 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84aa07329178b3b8e71687b24b49a35d924c996244ca875c5f2656f2cb63d3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139383
x-xss-protection: 0
server: cafe
etag: 6639546978084749992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 9414 9 KB
4 KB 129ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 68141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 23:45:01 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 23:45:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 844787856ff403bb Show response
upw.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B286 0
554 B 51ms
51ms XHR
text/plain 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upw.io/cdn-cgi/challenge-platform/h/b/jsd/r/844787856ff403bb
Requested by: Host: upw.io
URL: https://upw.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 18:40:42 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpWAK0TLiTZ%2B5GuZa9BI4NBWH33XDZ%2BBiG7TQHR6qazhPMXWeJK5rrBNKqOP0Y5dylJGw6XrFFyii2c0DMyFhVy3iTLJu6%2FCzts43FNypuVXUsi4P6luh5HwxIBwqhsWD3st8aI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8447878a8d02dd88-LHR
alt-svc: h3=":443"; ma=86400
priority: u=1,i

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 49ms
49ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1820098524&t=pageview&_s=1&dl=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ul=en-us&de=UTF-8&dt=vios-adventerprisek9-m.spa.159-3.m6.qcow2%20-%20UPW.IO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1754155660&gjid=339861281&cid=1257163246.1705084843&tid=UA-125798141-1&_gid=1220642597.1705084843&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1395204067

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upw.io/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upw.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 105ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4291L0VVF&_ono=1&gtm=45je41a0v883015420&_p=1705084842443&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1257163246.1705084843&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705084842&sct=1&seg=0&dl=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&dt=vios-adventerprisek9-m.spa.159-3.m6.qcow2%20-%20UPW.IO&en=page_view&_fv=1&_ss=1&tfd=940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4291L0VVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upw.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 108ms
36ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-T4291L0VVF&cid=1257163246.1705084843&gtm=45je41a0v883015420&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4291L0VVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upw.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 154ms
66ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-T4291L0VVF&cid=1257163246.1705084843&gtm=45je41a0v883015420&aip=1&dma=0&gcd=11l1l1l1l1&z=1433839607

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 185600485576186 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/185600485576186?v=2.9.140&r=stable&domain=upw.io

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed0793726f5644132a1089a4bda6c2b3d0b145dac24c78db0618f4a5dd0f64c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 18:40:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pVQSUlNe+I49Mw7TmgStOual1H5cYmwtsnTlOXzbRbRMK0vqBUI1wyXkwJUUOPTOvbOyYZx6eLpdS+BZUC9R4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK venor.php Show response
syndication.exdynsrv.com/ 1 B
447 B 120ms
41ms XHR
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/venor.php
Requested by: Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/popunder1000.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 18:40:42 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex, follow

POST piwik.php
analytics.trustedstats.com/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
346 B 74ms
35ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-125798141-1&cid=1257163246.1705084843&jid=1754155660&gjid=339861281&_gid=1220642597.1705084843&_u=YEBAAUAAAAAAACAAI~&z=1309800037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upw.io/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Jan 2024 18:40:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upw.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10C8 103 KB
38 KB 1503ms
1502ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1705084842&rafmt=1&format=700x280&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842530&bpp=2&bdt=509&idt=204&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=4421169109669&frm=20&pv=2&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1133021330236356&plah=upw.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce82a3b85c6a22fa16531735765e954bc51c0e81e11e5945cff55b5b4325c571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:44 GMT
expires: Fri, 12 Jan 2024 18:40:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B2F8 205 KB
42 KB 1016ms
1015ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=420&slotname=2767378426&adk=1190603583&adf=4129017712&pi=t.ma~as.2767378426&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1705084842&rafmt=9&format=700x420&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842532&bpp=1&bdt=511&idt=212&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=700x280&correlator=4421169109669&frm=20&pv=1&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39f20603fb0061a4d6b72aedcad5c7b6e19d8da5ec28b7f13d2f879dc0740ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:43 GMT
expires: Fri, 12 Jan 2024 18:40:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF79 643 KB
152 KB 1240ms
1239ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&adk=1812271804&adf=3025194257&lmt=1705084842&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842540&bpp=2&bdt=519&idt=207&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=700x280%2C700x420&nras=1&correlator=4421169109669&frm=20&pv=1&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=213

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6f3b2664be65e6f4e5a6fab4e0be14d511ddd87663615ab30f6fb1488c4be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 155049
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:43 GMT
expires: Fri, 12 Jan 2024 18:40:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 155ms
66ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-125798141-1&cid=1257163246.1705084843&jid=1754155660&_u=YEBAAUAAAAAAACAAI~&z=880005340

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 66ms
66ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-125798141-1&cid=1257163246.1705084843&jid=1754155660&_u=YEBAAUAAAAAAACAAI~&z=880005340

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 135ms
44ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=185600485576186&ev=PageView&dl=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&rl=&if=false&ts=1705084842875&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705084842875.248816563&ler=empty&it=1705084842672&coo=false&rqm=GET

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Jan 2024 18:40:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame B2F8 9 KB
4 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=420&slotname=2767378426&adk=1190603583&adf=4129017712&pi=t.ma~as.2767378426&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1705084842&rafmt=9&format=700x420&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842532&bpp=1&bdt=511&idt=212&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=700x280&correlator=4421169109669&frm=20&pv=1&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:59:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B2F8 16 KB
2 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 17:25:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B2F8 2 KB
903 B 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:36 GMT

GET
H2 200 e9e356ec41155b008235c83648cb19be.js Show response
www.gstatic.com/mysidia/ Frame B2F8 23 KB
10 KB 109ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9775
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 09:06:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame B2F8 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:09:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B2F8 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B2F8 20 KB
9 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2F8 205 KB
65 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:43 GMT

GET
DATA 200
OK truncated
/ Frame B2F8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e5cdcba383ad56725238d9f6a38195fbd8be2576a2c82c2608d174039e72392

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed655176fcd1abb88841f5f250fa16c094849d9c5885d319ffbe97995b94355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56409
x-xss-protection: 0
server: cafe
etag: 15692588410269988977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B2F8 47 KB
47 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:05:18 GMT
x-content-type-options: nosniff
age: 23726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 12:05:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci-gFqoehZZ6FMIvb1fAPjpCpyAujyPuKbeS94NnqEcCNtwEQASDr5sZBKApgu4aAgNAKoAGG_fPUA8gBBqgDAcgDAqoE4wFP0ER9URMyPWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216299099997562844539%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%...

0
0

164ms
79ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216299099997562844539%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22983367302%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225604050912571298897%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16299099997562844539","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["983367302"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5604050912571298897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16299099997562844539","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["983367302"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5604050912571298897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJgxxqoehZZ6FMIvb1fAPjpCpyAv9gvnSdIXEuNXaDK4CEAIg6-bGQSgKYLuGgIDQCqABmZit2wPIAQaoAwHIAwKqBOUBT9AxdVQTMT1niqtEl0CVhXvvTJ7SdPcME5s_nIR2SFECeNIRe4t...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227517387958130898878%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window...

0
0

160ms
78ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227517387958130898878%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215078909010151689649%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7517387958130898878","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"15078909010151689649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7517387958130898878","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"15078909010151689649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGwJXqoehZZ6FMIvb1fAPjpCpyAvAkJiqddyY__CeEmQQAyDr5sZBKApgu4aAgNAKoAHQk9PAA8gBBqkCTmIqKKxntT6oAwHIAwKqBPkBT9B3H04TMD1niqtEl0CVhXvvTJ7SdPcME5s_nIR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228324097679848364598%22,%22debug_reporting%22:true,%22destination%22:%22https://bovishomes.co.uk%22,%22event_report_window%...

0
0

160ms
75ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228324097679848364598%22,%22debug_reporting%22:true,%22destination%22:%22https://bovishomes.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22940886480%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225884789250632279537%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8324097679848364598","debug_reporting":true,"destination":"https://bovishomes.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940886480"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5884789250632279537"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8324097679848364598","debug_reporting":true,"destination":"https://bovishomes.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["940886480"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5884789250632279537"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGum5qoehZZ6FMIvb1fAPjpCpyAu9uIWUdeOKweeTEmQQBCDr5sZBKApgu4aAgNAKoAHdte2FA8gBBqkCH26LLStmsj6oAwHIAwKqBOoBT9AUDlcTNz1niqtEl0CVhXvvTJ7SdPcME5s_nIR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211322334193132735094%22,%22debug_reporting%22:true,%22destination%22:%22https://productsup.com%22,%22event_report_window%2...

0
0

164ms
78ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211322334193132735094%22,%22debug_reporting%22:true,%22destination%22:%22https://productsup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22817584861%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225057498377838177953%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11322334193132735094","debug_reporting":true,"destination":"https://productsup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["817584861"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5057498377838177953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11322334193132735094","debug_reporting":true,"destination":"https://productsup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["817584861"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"5057498377838177953"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_TpBqoehZZ6FMIvb1fAPjpCpyAva-Mv2dJ7F4Jf7Ed65oMyeJhAFIOvmxkEoCmC7hoCA0AqgAaikguEDyAEGqQIfbostK2ayPqgDAcgDAqoE6QFP0HJ-VBM2PWeKq0SXQJWFe-9MntJ09ww...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211892236508235203370%22,%22debug_reporting%22:true,%22destination%22:%22https://mirakl.com%22,%22event_report_window%22:%2...

0
0

163ms
79ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211892236508235203370%22,%22debug_reporting%22:true,%22destination%22:%22https://mirakl.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221008767528%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227480540803513703281%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11892236508235203370","debug_reporting":true,"destination":"https://mirakl.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1008767528"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"7480540803513703281"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11892236508235203370","debug_reporting":true,"destination":"https://mirakl.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1008767528"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"7480540803513703281"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CXT6oqoehZZ6FMIvb1fAPjpCpyAvVwueOdKar4MrBEWQQBiDr5sZBKApgu4aAgNAKoAHVxKaLA8gBBqkCmxPUIGiajT6oAwHIAwKqBOgBT9B0H14TNT1niqtEl0CVhXvvTJ7SdPcME5s_nIR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215610840827333796020%22,%22debug_reporting%22:true,%22destination%22:%22https://waydev.co%22,%22event_report_window%22:%22...

0
0

124ms
76ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215610840827333796020%22,%22debug_reporting%22:true,%22destination%22:%22https://waydev.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22829006421%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229485319959673306945%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15610840827333796020","debug_reporting":true,"destination":"https://waydev.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["829006421"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"9485319959673306945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15610840827333796020","debug_reporting":true,"destination":"https://waydev.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["829006421"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"9485319959673306945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1fjAqoehZZ6FMIvb1fAPjpCpyAvTrrr2dJfEhLufEpeMi_GnDhAHIOvmxkEoCmC7hoCA0AqgAdHIt7ApyAEGqQIfbostK2ayPqgDAcgDAqoE6gFP0D9YVBM0PWeKq0SXQJWFe-9MntJ09ww...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211220392387429350884%22,%22debug_reporting%22:true,%22destination%22:%22https://secondmanual.com%22,%22event_report_window...

0
0

162ms
80ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211220392387429350884%22,%22debug_reporting%22:true,%22destination%22:%22https://secondmanual.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211107427409%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213351110745989371393%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11220392387429350884","debug_reporting":true,"destination":"https://secondmanual.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11107427409"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13351110745989371393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11220392387429350884","debug_reporting":true,"destination":"https://secondmanual.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11107427409"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13351110745989371393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CxPWkqoehZZ6FMIvb1fAPjpCpyAvT4se-dPTlt5-wEqKUxJKNDhAIIOvmxkEoCmC7hoCA0AqgAa7M1f4DyAEGqAMByAMCqgTmAU_QL05UEzs9Z4qrRJdAlYV770ye0nT3DBObP5yEdkhRAnj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225896045087429215399%22,%22debug_reporting%22:true,%22destination%22:%22https://kentico.com%22,%22event_report_window%22:%2...

0
0

123ms
76ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225896045087429215399%22,%22debug_reporting%22:true,%22destination%22:%22https://kentico.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070949934%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213694720303071547521%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5896045087429215399","debug_reporting":true,"destination":"https://kentico.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070949934"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13694720303071547521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5896045087429215399","debug_reporting":true,"destination":"https://kentico.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070949934"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13694720303071547521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClnP6qoehZZ6FMIvb1fAPjpCpyAvTg7qZdb73mK6gEsCNtwEQCSDr5sZBKApgu4aAgNAKoAHd8KrAKsgBBqgDAcgDAqoE5AFP0Gp4VxM6PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235927842162435809%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%2...

0
0

162ms
79ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22235927842162435809%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221377452131993037345%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"235927842162435809","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"1377452131993037345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"235927842162435809","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"1377452131993037345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B2F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ5hBqoehZZ6FMIvb1fAPjpCpyAug7aqTdbTaht7GEmQQCiDr5sZBKApgu4aAgNAKoAGMqfrCAcgBBqgDAcgDAqoE6QFP0EIkVBM5PWeKq0SXQJWFe-9MntJ09wwTmz-chHZIUQJ40hF7i2k...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213423291963833896106%22,%22debug_reporting%22:true,%22destination%22:%22https://indeed.com%22,%22event_report_window%22:%2...

0
0

159ms
78ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213423291963833896106%22,%22debug_reporting%22:true,%22destination%22:%22https://indeed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22408851596%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2232827631308816993%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13423291963833896106","debug_reporting":true,"destination":"https://indeed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["408851596"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"32827631308816993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13423291963833896106","debug_reporting":true,"destination":"https://indeed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["408851596"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"32827631308816993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
75ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
76ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
76ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 163ms
75ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 199ms
112ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
78ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
77ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
77ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 197ms
113ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 161ms
78ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13561799754212302095
tpc.googlesyndication.com/simgad/ Frame 10C8 18 KB
19 KB 52ms
51ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13561799754212302095?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmlCMZgTbtLsZk2Qc7xxuYvrB2vdw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1705084842&rafmt=1&format=700x280&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842530&bpp=2&bdt=509&idt=204&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=4421169109669&frm=20&pv=2&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9361ed0b939e2c6f5a10f75b020358df0a39bc7b68ed714dbd4671293a09656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 12:58:52 GMT
x-content-type-options: nosniff
age: 279712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18823
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 20:50:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Jan 2025 12:58:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 10C8 23 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:09:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 10C8 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 10C8 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10C8 205 KB
65 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 10C8 36 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:21:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59D8 143 B
166 B 43ms
43ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1133021330236356&output=html&h=280&slotname=6072484026&adk=4075648247&adf=1289714761&pi=t.ma~as.6072484026&w=700&fwrn=4&fwrnh=100&lmt=1705084842&rafmt=1&format=700x280&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705084842530&bpp=2&bdt=509&idt=204&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=4421169109669&frm=20&pv=2&ga_vid=1257163246.1705084843&ga_sid=1705084843&ga_hid=1820098524&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=450&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079979%2C31080261%2C95321627&oid=2&pvsid=1219922275380327&tmod=118338571&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 10C8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bc761215b52c02ebf9a49783b8c3458b14ab15ab1a527836e75f79fee92b423

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 59D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:44 GMT
expires: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame F88C 9 KB
4 KB 43ms
43ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 00:45:59 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 00:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame C878 9 KB
4 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 00:45:59 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 00:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame B81A 9 KB
4 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 00:45:59 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 00:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 564A 9 KB
4 KB 45ms
45ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 64485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 00:45:59 GMT
etag: 9219409622527106327
expires: Fri, 26 Jan 2024 00:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 10C8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8VSAqoehZaelMKrF1fAProKO-AH737Sjdcm12d6yErGO_MIDEAEg6-bGQWC7hoCA0AqgAffim7QoyAECqAMByAPJBKoE5wFP0DpRpvfpTQWwrdWMMWbMRJXLZAPdv3LJKmXU-KxqBoFSusp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213602064292039348763%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...

0
0

76ms
75ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213602064292039348763%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214601209625165029745%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13602064292039348763","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"14601209625165029745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13602064292039348763","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"14601209625165029745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame F88C 4 KB
671 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 17:31:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F88C 205 B
518 B 42ms
41ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:23:12 GMT
x-content-type-options: nosniff
age: 8252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 16:23:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F88C 604 B
696 B 42ms
42ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:15:10 GMT
x-content-type-options: nosniff
age: 206734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Jan 2025 09:15:10 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame F88C 16 KB
7 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame F88C 22 KB
9 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 13:35:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4084 624 B
245 B 82ms
82ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNXNITYXEgog9oeEpzWJYlqSqIG9eJ1rXr3QHyu_Pru2HcCTKDTHYk_znkaJTU7heap2QJ8r4bMAPX0rsrP-NtnU4P_PLseFsbOAhNFAwuIZu8bf1Q52_p_TVQXHiAuW0qFpdhonYBV_mlD0Hk66yGdoDKavH91ak-VYuXDgLDel98Nok6E

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:44 GMT
expires: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 44D5 111 KB
39 KB 149ms
43ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 44D5 7 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 44D5 23 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 44D5 41 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 44D5 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 44D5 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44D5 205 KB
65 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44D5 42 B
63 B 79ms
78ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfoVbWLoKM0btBMc6L9wcQo0s0gJGiw4CR6l7anVSG-ObDq9bJGOiM2mYmbo1XPl4OEM_cfIrZUZQZBjfKSpiXu2vbS5FWiaTTNCIrvExFE5luBc8

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C122 640 B
265 B 85ms
85ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:44 GMT
expires: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1D7E 111 KB
39 KB 180ms
91ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 1D7E 7 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1D7E 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D7E 41 KB
14 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1D7E 3 KB
1 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1D7E 20 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D7E 205 KB
65 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D7E 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AROyMET6FYJW6wAahrblotHpYlLZ4HbLoKlACnmn40KoYwmi7_skWLwdybNm4z94G4DjBjo2ZI4fvAvKAyawdVAOj-zlgO2_6YHm3-aU5HcCHeA5E

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 564A 9 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:59:38 GMT

GET
H2 200 d0c418fd7c3c9b1fa25e4b07b8f8ee33.js Show response
www.gstatic.com/mysidia/ Frame 564A 20 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8305
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 09:06:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 564A 14 KB
1 KB 56ms
54ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 17:26:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 564A 2 KB
822 B 85ms
83ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:36 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 564A 6 KB
2 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:56:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 564A 23 KB
9 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:09:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 564A 3 KB
1 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 564A 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 564A 205 KB
65 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 564A 37 KB
15 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:38:18 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0659 50 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame BBC0 9 KB
4 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:59:38 GMT

GET
H2 200 d0c418fd7c3c9b1fa25e4b07b8f8ee33.js Show response
www.gstatic.com/mysidia/ Frame BBC0 20 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8305
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 09:06:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BBC0 6 KB
706 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 17:32:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame BBC0 2 KB
822 B 63ms
62ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:36 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame BBC0 6 KB
2 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:56:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame BBC0 23 KB
9 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:09:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame BBC0 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:34:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame BBC0 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 23:10:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBC0 205 KB
65 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 18:40:44 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame BBC0 37 KB
15 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:38:18 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 75ms
74ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4084
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1&C=1

43 B
335 B

53ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNXNITYXEgog9oeEpzWJYlqSqIG9eJ1rXr3QHyu_Pru2HcCTKDTHYk_znkaJTU7heap2QJ8r4bMAPX0rsrP-NtnU4P_PLseFsbOAhNFAwuIZu8bf1Q52_p_TVQXHiAuW0qFpdhonYBV_mlD0Hk66yGdoDKavH91ak-VYuXDgLDel98Nok6E
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dGTvkBlMTHsdkfKoTUmmFv8iMcxrCaiC%2Bhs89WrQUVpvC07MroSbg4g9bTTcKWB991WtLV3nHaiR3p33CAIbYmx6eKgIvLDv%2ByJf36x2iEZgu6OncQ4qD783ZTl4Zfpf1rhUFSvcynOVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844787976ff735dc-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt46FldYkTy3Hhcw1KxNknuBkbkqjYy04jxo9vx25U18cCz2raFkLaiiqzYaeHfYf7SaVLA3MtK7G%2FRSaXjUOXcEnXSAto1Oh61qVgXr7O603LE74erIQgQmDcvTz7KlxxgQ61QrmlQNNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84478796ef5435dc-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4084
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaGHrIsOYQeIsj6OKbo3OwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1

43 B
768 B

53ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNXNITYXEgog9oeEpzWJYlqSqIG9eJ1rXr3QHyu_Pru2HcCTKDTHYk_znkaJTU7heap2QJ8r4bMAPX0rsrP-NtnU4P_PLseFsbOAhNFAwuIZu8bf1Q52_p_TVQXHiAuW0qFpdhonYBV_mlD0Hk66yGdoDKavH91ak-VYuXDgLDel98Nok6E
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwhJOOMjPXN8BQrUu1OIdw2BMAMwji4VQnixKwj7nrj7M6FgmCHGKPBGVtUBtE9Ds1hIAGA1KLggCqvDEwEfpR2zCR2Ze%2FzN6K6R9rtdjkKQsNYwPbBwHtasi5PRCyzcUgYRhbG%2Fb37q2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84478797ebb7654b-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnrN4IeWqLO3Pyb11R-Dv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4084
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEApWJ2fI0QoATnkAnfjjBkY&google_cver=1

43 B
1011 B

41ms
41ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEApWJ2fI0QoATnkAnfjjBkY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNXNITYXEgog9oeEpzWJYlqSqIG9eJ1rXr3QHyu_Pru2HcCTKDTHYk_znkaJTU7heap2QJ8r4bMAPX0rsrP-NtnU4P_PLseFsbOAhNFAwuIZu8bf1Q52_p_TVQXHiAuW0qFpdhonYBV_mlD0Hk66yGdoDKavH91ak-VYuXDgLDel98Nok6E

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
an-x-request-uuid: 5a370704-0ceb-4493-8ab3-e98d7fcdd5ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.107; 217.138.196.107; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEApWJ2fI0QoATnkAnfjjBkY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4084
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4NjAwMjU3Nzc2NjY3MjY1NQ%3D%3D

170 B
243 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4NjAwMjU3Nzc2NjY3MjY1NQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
an-x-request-uuid: 136891db-cd1b-40ae-9d73-fccde093af7a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4NjAwMjU3Nzc2NjY3MjY1NQ%3D%3D
x-proxy-origin: 217.138.196.107; 217.138.196.107; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 099F 38 KB
13 KB 42ms
42ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 333308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C122
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJD_BVKqbENj46zuQ-8p03A&google_cver=1

43 B
105 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJD_BVKqbENj46zuQ-8p03A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJD_BVKqbENj46zuQ-8p03A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C122 43 B
295 B 115ms
33ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame C122
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENiA5yxmdlZdnEakg07-jy4&google_cver=1

23 B
163 B

119ms
74ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENiA5yxmdlZdnEakg07-jy4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 18:40:44 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENiA5yxmdlZdnEakg07-jy4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C122 23 B
163 B 226ms
73ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYstOmQjAB&v=APEucNVQuwphS92O_c72Y1JazmYAiTlt3Dp6HtqgTntb-U30KI2vBXjip95x0BY6Y1BeBSYDPlZeGs9pZd1aH3ChQXQekYPBDact5vr7F_lL2nyFtw178vnhRQhCPjm_o0GD9tT3LkgrhxcuphOd5w_Gkof3x08aQCnuL5KCkoSx8qB-ab3R48o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 18:40:44 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FFDA 38 KB
13 KB 42ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 333308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 099F 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564A 0
20 B 79ms
79ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyCg0QKyEAAAAAAAAUQDAECg0QAyEAAAAzM4NiQDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAGEAwBBIaQ0xQWDk0TEEySU1ERmVSZEZRZ2RkUkVPekEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame FFDA 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame C591 50 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 564A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmtbqoehZbPaMOS71fAP9aK44AyorO2Zdd3overdEZyMspSPDBABIOvmxkFgu4aAgNAKoAHS-MviA8gBCagDAcgDywSqBO8BT9DBd0HMd-wyvG2qSvatr0DMDo5oKoIi0wheYHarBeRgxbu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211208598904742341624%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%...

0
0

75ms
74ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211208598904742341624%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215270924065197908561%22}&andc=true

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11208598904742341624","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"15270924065197908561"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 18:40:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11208598904742341624","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"15270924065197908561"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

B29069693.375471074;dc_pre=CKOT74PA2IMDFVz0EQgdQ5cEXw;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 564A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_pre=CKOT74PA2IMDFVz0EQgdQ5cEXw;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_ch...

42 B
237 B

58ms
58ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_pre=CKOT74PA2IMDFVz0EQgdQ5cEXw;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375471074;dc_pre=CKOT74PA2IMDFVz0EQgdQ5cEXw;dc_trk_aid=566510985;dc_trk_cid=198755286;ord=4284966511;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame E7D5 50 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBC0 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnRvd2VyQQoKCAIqBnNlcnZlcgoNECshAAAAAAAAFEAwBAoNEAMhAAAAAABgVUAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAABRAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAABgXvVAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAJmZuWRAMAQKDRAUIQAAAACAm_VAMAQKDRAVIQAAAAAAACRAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAADMzg2VAMAQKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAAAyM9M_MAQKDRA7IQAAAAAyM9M_MAQKDRA8IQAAAAAyM9M_MAQKDRA9IQAAAAAyM9M_MAQKDRA-IQAAAAAAAOA_MAQKDRA_IQAAAAAAAOA_MAQKDRBAIQAAAAAAAOA_MAQSGkNMRFg5NExBMklNREZlUmRGUWdkZFJFT3pBIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1273970826915959027/ Frame 2B90 27 KB
5 KB 128ms
45ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf3e73505ca2824ebaa2354cfb381622f688dd1d2322111bb42d1a3dc8c2330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15138
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4817
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 14:28:26 GMT
expires: Sat, 11 Jan 2025 14:28:26 GMT
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 44D5 0
0 189ms
88ms Fetch
image/gif 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstTp1TIu2YxWRxhZeWnV2gsp8WP02SyXJgVR9dJfmgjuipQubroy2KlyBc1JsVNGF4Kq0ottWUvzS6XOM3hYvSV2LRKm1Da8eMWCkt5JJ39Ljlz7RWufU8FWlv7Twm_SF3_ghDB75meGydyDrSFWq05wkBU33o46ZCp5Alq_hM0yzPrMSXjUwWaM3d-dzOQNU-nughDz-WD9oMmqpI-Ufp3mmoksG9LORurEqNjEuKtH8eai3b5cY7CnPEN9CS9w_63RGyAvNtJGYuea446g3WFsdnit4UTpa9hut9I6dS37SItPc0zyM6wiqiIu3fojAZBgZq1s_HYOIt7iXbShh4AJKpOQWt7O1171nKuYEqBTzMjoIo2euhiyD85lhcbwbBU2HxMCWauXuYlOBVg3O10hpPlnhGnmsD1rA3k6cjKe7V9NiwT7vlCpKCrNhEYegGfJGBSN8U-kMu5wfwMxpri8QXmE3d2P3u2Dz19W4iW206WWws4S2z6DokGuxNWAvb7_zVQWb71YwGm-7wOt-h19OPMewk9MSGmRHpS1aFhmUy0DBO7XSEwqR1Q6kYWRKb5eHAG8O7_aB0wFRCklT3DHJ4-h0w3G3wYhw7mF3VPzNVUij3iUExxpSa_sVpJi4DHIuS9bMdGoKrZLf_9zReUovQ75EnT5tGowFWre0JNgJ3Wl8FEcPgD6-650GQh5EHoTfJeLwabRGScmBBE7ryB2PYd7fGtsv9ZSHNNNg3mYoem7CB_7aq64rXpfsibjtCthXllaQ-Ez1Z3bx4dZwkNmrii-NPSP-2ELM82mjoUhLKvNG3IxrK6Q_B4kFO9C5IOuzCarHJ7nlHXYe5wpVDVXYy9t4rt3XUxN8qoOSvgpMZM8TegvA_KKz-4vjmuGe0Yzqt5K_froUEoFFwtXq-ZJYilC0bcbzW91NdRRWm-La8bpJRL_BESUD3uV2cnD6AWwNyEMTJPv4DJaYLOmSXK2iz7Mpoo1mt4bOPvhJgVh29rOXuWB5T2Z9J9rFBBNFiBKyDw0T2xY5m4L4JEMK2h8h5lsXe3Fe3m0SWgq1A_qcIo28KMiIh37rSfd8f7gXWJD8rIXovHOq8Qd2CBDhlMrbM-31LQ_koVBVGk4N5h2sHvtynHdH8AN9D_gwaMprBDaklD6oW-s-l0l-76EY7TkhFi8tDBC3Wuqm3xBoZm7cKzChRu-wwB5c3mNuZa3x3qI_S2jok7Cuq3o27XccagTwTabQ&sai=AMfl-YQV61ZjzRRanub6_IsBmUCTDp2I3_EB5AUYJA3hs1_N_n9brT6OUuJ4cHjpyu91pWcOZcN5ad0rSBl24l1uHjfiFwoW7xwXMMA9dY18HTDBYF5WuqCa5e4eUFE77RaxL3WsId8mN7vdMJ0Yqqs3JEBuBN2pvNDGnaEqv4IUe9Aa070nPYOQIqvDwc9B-VMITA9i6VHelLlBedKpffPFRB2DifO0D6FJ7XsQlos8x1ONCfcHA4JvFI57G4SeLOmZ4UbOZtZHWcpZ83HbS7WcduVlvrHi4yVES1nOn0Ya3MThf0qwbrwgPNi5FtynM6261bC2poPr-GbS2fVQJIUJjCP9EnuIObRcTQRzkVdPx43s8SWLKwo1T82IY27f68_2qTZvq9p3t5COG9EpuLKU5BsI6FEQDVhirAueIASxvPYs0aw7Y4oyo9ElqM5KlVOyGavR9vSYoZfEyTg5SX4gfvziQxCXftb4vWndvBADA49wJU5B4V-G_n7bb-HKjGE7GHEmY84GX50&sig=Cg0ArKJSzIsmYjqv7L3hEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jby51aw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=235&cisv=r20240109.99877&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1273970826915959027/ Frame 1C88 27 KB
5 KB 121ms
42ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf3e73505ca2824ebaa2354cfb381622f688dd1d2322111bb42d1a3dc8c2330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15138
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4817
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 14:28:26 GMT
expires: Sat, 11 Jan 2025 14:28:26 GMT
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1D7E 0
0 184ms
85ms Fetch
image/gif 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssuTbH9Is0CCFYlFBtRUW5CdAlZtejOUZ0SSKvz_fzO4ZXbrehaORYULEuE30nCErZGbOaWgQ66OoD4zVb1o932IBsRM3VncesRuIrTH408oTToYQZ8heSsK_uiHOdT1_2druZ9Udt7vcGD8EvA5zLaNBitKInSVK_aqaFpyLd3rpbCwb4bNju1_C2cSlKynvFPek7JwF0iUZeefN6E5acmHqmKwHyW3glIT2LSIq4hgFSxNQe6Hjs61bRMiFa3ECz2tAgGOciSMBHF1Bo9aQdfJSHJULA6o3EXWISXNnUVKJky9NaR37GweH3GjdWl9JCsNgdY3dTQCM26YfHnkQPm2hzDvyUN6UPfFWaXf0rSP9C1Xs28tcH4P5AlN2peBJf3vyAiov7A6dxu1QPoPti2FgMzHRwT0wXlQ48lgABzizx3Z4_npSEmFdtjzHjc3PIsy88SfsIuZECF2xoF4gGcZQAk5Y2XsbJrAcSGrs9T5IgE0NvaQghVm5fPCdetOZ1RLTwwkIPW-fMH9coFM9jryGOxglEYP00wSNgyz75LzfkOA7LKGSGOT4d3jCpwe5iXeqq_hYeOOGefaDLBKFd1C2l9RTaqRvC9TIejBrIoPmrfO3flMzgkIsgk68EcXhQwzjAdBhUcgJ7VFPiHtSII-DRCddiTIDiRhk2R60yIsTZwF3-ljSwYY5d72IAJeWajROJYFrDgSY7XGbsbStp6gA-ZyH-KGn-fwsyjHku6N2Fsh4-v9fT94SVR2lv0rx2u4M1ai6q3bjEXl39Giu_VC3TsX3NghsTVTcq0cCvgHsAeGd4fRv_eUAllpyokPnY91yOg5jJrJ24zBCX0nGC-o1bUCy4g45FHtmm1hghZxF8nnGC-wkGVwssgOo7jqulhw9YeAKIGR0hCx3FSKhiDx_-sOLgFUtUDar6QCDO8a_u_BZuu91nw0EEXi31sUAF8tnO_n2dAkmeppt8wjdszz-69CXrBbfpPCX4cQLginy2P65OQbIi3F_Lkzx0Yk28JQbRJy7g1p_4lZ2eLBkMbVr-2xoS4_KQA2lGsk5CXajpGyUT32yOGQ4YEjoN7hiCteL94mgMZ5wM-U55Xcv2angUmMVDIRFHUYdwRhqWH0j9O8oZaaDhoqLPNQlvGPk0h8K6FCHTmNPhH-T29WNgEzXO4HIov-rGwYMhanGwvl4-xq8cyCLse5T4RXbUTVgdjSzeTqjIuhWSuI1lEn1qEBjZJ2Q&sai=AMfl-YR8wTpkYsp6maYT3Qr3QdOPKHcpUhT5_X5RIFGTSvivFmsLE8DzUO5vgAJwzLg_GstlSsmM1oycCbeC6oyOmc6u9M0JSvdw6nUlh533FG0B9AN6veMIC1E8Ytn-iqD477MD601Yxak8f43JGKZqT91CQEjjA1iPmsVhly8ws74bmpRaJQ1aFGX7_CmfTgykkU7HbEU1WG-niFwP7E-97CGA4JvsR3qKAirAn_ySXhJw5_hh-3XoN0LR7GbuvTM6VicSdTot9AdVlz451VlyfS8UGiDUgg-hXBlUrsWiDiNA78PaSYoUnws4atr0x2QOYAMVpDwf0u2x9Y_5GZhVYi7Ct0Nl14P3j2R56FufgJhTiKzN-ws4JpZwwsb4OfB9JYoXK29YbHLK9YHLExsumn3hJ_Mf5kIPyc_Ekh_FapiZ5iSnOP7Hdu0tAUlWzuljPrshXhRq1dexekmLsa2s8UVGy8bzrHdSZHtNnIvG7Xm3lU1P4PQ5lvKBnnE_KGSD4G52gQK5yqk&sig=Cg0ArKJSzJ9cCY2u7xS5EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jby51aw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=223&cisv=r20240109.93481&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 18:40:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564A 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyCg0QECEAAAAAAHmxQDAECg0QESEAAAAAYF71QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAABmZpZxQDAECg0QFCEAAAAAILz1QDAECg0QFSEAAAAAAAAkQDAECg0QFiEAAAAAAAAQQDAECg0QGCEAAABmZh5yQDAECg0QMiEAAAAAmJnJPzAECg0QMyEAAAAAmJnJPzAECg0QNCEAAAAAmJnJPzAECg0QNSEAAAAAmJnJPzAECg0QNiEAAAAAmJnJPzAECg0QNyEAAAAAmJnJPzAECg0QOCEAAAAAAADgPzAECg0QOSEAAACYmZlGQDAECg0QOiEAAAAwM7NIQDAECg0QOyEAAICZmYlxQDAECg0QPCEAAICZmYlxQDAECg0QPSEAAABmZpZxQDAECg0QPiEAAABmZq5xQDAECg0QPyEAAABmZq5xQDAECg0QQCEAAAAzM0tyQDAEEhpDTFBYOTRMQTJJTURGZVJkRlFnZGRSRU96QSIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b840ca0564aba349b8d53400baa28e4b.js Show response
s0.2mdn.net/sadbundle/1273970826915959027/ Frame 1C88 130 KB
37 KB 45ms
44ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/b840ca0564aba349b8d53400baa28e4b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b22d798dfd9dc5be985cd04beb3744f681ceb8610d8b513d103f20d92c63fd98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:26 GMT
date: Fri, 12 Jan 2024 14:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38016
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 b840ca0564aba349b8d53400baa28e4b.js Show response
s0.2mdn.net/sadbundle/1273970826915959027/ Frame 2B90 130 KB
37 KB 59ms
59ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/b840ca0564aba349b8d53400baa28e4b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b22d798dfd9dc5be985cd04beb3744f681ceb8610d8b513d103f20d92c63fd98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:26 GMT
date: Fri, 12 Jan 2024 14:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38016
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 099F 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSC7qqoehZbHaMOS71fAP9aK44AwAAAAAOAHgBAI&bg=!e3ileDfNAAaumcC-jpk7ADQBe5WfOIbX5f4yOuUf__okWlXeWesSVAInS5UgBGdOuJ9U-Ump2LnKGU21scftUTpk7RWHAgAAAHJSAAAAAmgBBwoAg9M6YLoIAOmttgiSVFDik5sEdki5rjlvQDjmijiNVdgUJaZlgddrGwwEAjJqc0Ztr9LnNm534C1GfPCdcyossW8BJ--T48UOvAKnh4G8AhB2Aek3kcM_PnZE-0xEVNobumolJ4QEAX5dJ4s54wOR0M7eJ5BWz7Okn_HCfwm7iVxeKrFymQL7JRjfBm2-8v1_g5iDQdGTCPPHvtHxxKprosLHqNtTcHtRNd7B4MfGTcDAZkTd9PPLStk5Ea2-dv6dpA_OOU5WRtMtEI3UzhlkVSM-zyviDTakCK-x6Oy7s2UhBs3sbJOZKR0rgtdVB015g5VDDleXtKlFu96lDtS3RErxsSrzTl6l4rLQz2szs4huYqhajswoHmzrWRWUjT8bjQdtpAPH5nP3RodbAej33jpk_wFvwcz7fjt8WRrUcmv94KRqNglQ20zg7Q5EAYFb8Tcyc6y_aYJ4zItWm-087_JLIT-rS71-qNnDD5ad8FzsazmYOKhWwGYmaJyZ7bwBT4zTOxDEil5Ohg6oe1ZUMV6Y1RUlqF58-Nm8SRKUKNJFsdY_TY7BsV_CNzjHvU9HjQWuPc_DByrvMyzmDFAAgLmh4aLQvsrKPYhRBRvtAT2ZOMozjCGHU3Gu_RMH6UZ_Y8L_hhRpoVeIF_8DQjZSiG1WKD34J3PjjfbFkCSkG7Ja6K2s2k1bQ5FhO0XAIp7eQBopnz4GUxTAJdgulnf8aM8s0SdeviFtePZi5jL7FaQ467beUfEiLGaR_Q1pl-0T4_qqLtsYea19WuUZiOJ1sADO8g0mmgpBbxFGGQEblKUJ05akZTxe8qQTXwgSoRo9-nqXByqhittO8HN0R6mAGXA9L4XCCxSN2XzryTww6aoxp4_BQwYyPi68PH57zgh_I7k4CbnjtLsSjqen0hQcdAHdC2TXDJyRTgI0BRZK-9FyzaR7sSsePzNfiu9M96eWTy0DxtZsskuAJW0HNUrGIWh3n2yJCgVS_ItBC0HeaRvequ7Knf44Tsuo2mdWXcpnUs0zvTD1PU85vd1jxcYJysDY7Zj8KLOo5yij1BeEKiup5wkOCi9EfrOBCvBDWN9lKbiaAlI0P_9tZg0-d-6dxoNKiXslB28JKdAsS1YsxSUJM4sf_8WDN7uayxBLj9Tm9fBLQy5_xswnzATxsGXZY7mvYVW0NNaejpM-RVAzwBI1_w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFDA 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbmKXqoehZbLaMOS71fAP9aK44AwAAAAAOAHgBAI&bg=!trWltfrNAAaumcC-jpk7ADQBe5WfODWTiYmAOiSfIaP7FYNcQJH5aCMRF-xf1JLC6cyUFzgsdSW5On3cv1iWS9-LxE49AgAAAHNSAAAAAWgBB5kC7t-SYMdy1JSF_BUHiWpJ1hS0_z6vU0rqR6AyCncL54wHzyXkOQKsy8_YKJlaJkVdzcU2Rl9PAxhbCVkkPu3jLYn_8OQK94iW-6TF-QogB7ACOGFeyAb5n_I5H1fy4pQJYXIgLoUdEHgbZihD7rd-DKt7xMqGPSjSU48Em_52WEj5oejvdCPw3gMC0kd2AMnp15lI0SFNJYUCBfRNoIsIyBEc0bpOPark7_Bt1sLGtt9PaHq58fraoY9ZQAHHeGXtdNKUxNcLTp_-ZLlEE-QTEIZAaIWcSl3McKPSeDbtD6Pvghlpuwh5xwV99_DovgRNrdZGBBuHgrBP0OrvhNuxNygrda8xfIO6nfJA9JLr7d21XUKplqq1-aLzR6fytMU3hBczE-oyRo1TRplaBOkDmnU_QuOg9TY2oeTF9wti2SlUIR1iC9HxFmNSnG9EHs9-turWGZ3hsRSrArD_DBRAk0K0LlY01iDuIfrsjzZMn_lGflHWRBGqr0f8d6X2kEDkTxHq7pEkcnIk8waSBYKdzrnqmPS1VXt6Mt3LLTk3VZuciZlS49E8bZe0aMimJPG4-KG_Uky4sMQ5a07HFdxjSW8pGs48Fa05cqxWSlfYs0POCsdXwfz4gRvKir-ipZomp3BxwGL69jSSspwBKbqf_cl8TAQUrCmsACm1aNbGsdoFprIbokb8SBk_83hV3szgT2JAQYjiAAw6W0fZD3b3lL_sQ2t5Ux_YiUNfSfjBFACXd6fz43psTYVJfoF9eRUFLMii9H9xLtSW4EDjBL69nlgi7MZSj2ApSaegbOs3IhXWrdg9H39ZQ-SUpH3dzsc5zl7isNMOBjtVyiemBlHKh-Dke71y_yIXy1oZ1CDlX72rWUul1nB02Q8BHB8ACse_ccF9v_g9nhHjnuYp2zz4Qa03EdMwdQed0yhSx9-J1Emr0WzgEiQ_un8tzj8oDzcnpADfcSQz3G2S742eqqA2unFQ7OzlNc0qMXIBwo_z1Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 1C88 1 KB
643 B 111ms
110ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:26 GMT
date: Fri, 12 Jan 2024 14:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8e538d265f10a19c1aa9f7c6b9711141.png
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 1C88 18 KB
18 KB 43ms
43ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/8e538d265f10a19c1aa9f7c6b9711141.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a695675497d7404dd1dfccd316436715d1c80504b45d3d5030e7db344471ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17997
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 1C88 5 KB
3 KB 111ms
111ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/1273970826915959027/fonts/ Frame 1C88 173 KB
80 KB 44ms
44ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 2B90 1 KB
643 B 95ms
95ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/b840ca0564aba349b8d53400baa28e4b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:26 GMT
date: Fri, 12 Jan 2024 14:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8e538d265f10a19c1aa9f7c6b9711141.png
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 2B90 18 KB
18 KB 96ms
95ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/8e538d265f10a19c1aa9f7c6b9711141.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/b840ca0564aba349b8d53400baa28e4b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a695675497d7404dd1dfccd316436715d1c80504b45d3d5030e7db344471ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17997
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 2B90 5 KB
3 KB 99ms
98ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/b840ca0564aba349b8d53400baa28e4b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/1273970826915959027/fonts/ Frame 2B90 173 KB
80 KB 43ms
43ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1D7E 0
0 78ms
78ms Fetch
image/gif 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssuTbH9Is0CCFYlFBtRUW5CdAlZtejOUZ0SSKvz_fzO4ZXbrehaORYULEuE30nCErZGbOaWgQ66OoD4zVb1o932IBsRM3VncesRuIrTH408oTToYQZ8heSsK_uiHOdT1_2druZ9Udt7vcGD8EvA5zLaNBitKInSVK_aqaFpyLd3rpbCwb4bNju1_C2cSlKynvFPek7JwF0iUZeefN6E5acmHqmKwHyW3glIT2LSIq4hgFSxNQe6Hjs61bRMiFa3ECz2tAgGOciSMBHF1Bo9aQdfJSHJULA6o3EXWISXNnUVKJky9NaR37GweH3GjdWl9JCsNgdY3dTQCM26YfHnkQPm2hzDvyUN6UPfFWaXf0rSP9C1Xs28tcH4P5AlN2peBJf3vyAiov7A6dxu1QPoPti2FgMzHRwT0wXlQ48lgABzizx3Z4_npSEmFdtjzHjc3PIsy88SfsIuZECF2xoF4gGcZQAk5Y2XsbJrAcSGrs9T5IgE0NvaQghVm5fPCdetOZ1RLTwwkIPW-fMH9coFM9jryGOxglEYP00wSNgyz75LzfkOA7LKGSGOT4d3jCpwe5iXeqq_hYeOOGefaDLBKFd1C2l9RTaqRvC9TIejBrIoPmrfO3flMzgkIsgk68EcXhQwzjAdBhUcgJ7VFPiHtSII-DRCddiTIDiRhk2R60yIsTZwF3-ljSwYY5d72IAJeWajROJYFrDgSY7XGbsbStp6gA-ZyH-KGn-fwsyjHku6N2Fsh4-v9fT94SVR2lv0rx2u4M1ai6q3bjEXl39Giu_VC3TsX3NghsTVTcq0cCvgHsAeGd4fRv_eUAllpyokPnY91yOg5jJrJ24zBCX0nGC-o1bUCy4g45FHtmm1hghZxF8nnGC-wkGVwssgOo7jqulhw9YeAKIGR0hCx3FSKhiDx_-sOLgFUtUDar6QCDO8a_u_BZuu91nw0EEXi31sUAF8tnO_n2dAkmeppt8wjdszz-69CXrBbfpPCX4cQLginy2P65OQbIi3F_Lkzx0Yk28JQbRJy7g1p_4lZ2eLBkMbVr-2xoS4_KQA2lGsk5CXajpGyUT32yOGQ4YEjoN7hiCteL94mgMZ5wM-U55Xcv2angUmMVDIRFHUYdwRhqWH0j9O8oZaaDhoqLPNQlvGPk0h8K6FCHTmNPhH-T29WNgEzXO4HIov-rGwYMhanGwvl4-xq8cyCLse5T4RXbUTVgdjSzeTqjIuhWSuI1lEn1qEBjZJ2Q&sai=AMfl-YR8wTpkYsp6maYT3Qr3QdOPKHcpUhT5_X5RIFGTSvivFmsLE8DzUO5vgAJwzLg_GstlSsmM1oycCbeC6oyOmc6u9M0JSvdw6nUlh533FG0B9AN6veMIC1E8Ytn-iqD477MD601Yxak8f43JGKZqT91CQEjjA1iPmsVhly8ws74bmpRaJQ1aFGX7_CmfTgykkU7HbEU1WG-niFwP7E-97CGA4JvsR3qKAirAn_ySXhJw5_hh-3XoN0LR7GbuvTM6VicSdTot9AdVlz451VlyfS8UGiDUgg-hXBlUrsWiDiNA78PaSYoUnws4atr0x2QOYAMVpDwf0u2x9Y_5GZhVYi7Ct0Nl14P3j2R56FufgJhTiKzN-ws4JpZwwsb4OfB9JYoXK29YbHLK9YHLExsumn3hJ_Mf5kIPyc_Ekh_FapiZ5iSnOP7Hdu0tAUlWzuljPrshXhRq1dexekmLsa2s8UVGy8bzrHdSZHtNnIvG7Xm3lU1P4PQ5lvKBnnE_KGSD4G52gQK5yqk&sig=Cg0ArKJSzJ9cCY2u7xS5EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jby51aw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=579&vt=11&dtpt=355&dett=3&cstd=223&cisv=r20240109.93481&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 44D5 0
0 77ms
77ms Fetch
image/gif 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstTp1TIu2YxWRxhZeWnV2gsp8WP02SyXJgVR9dJfmgjuipQubroy2KlyBc1JsVNGF4Kq0ottWUvzS6XOM3hYvSV2LRKm1Da8eMWCkt5JJ39Ljlz7RWufU8FWlv7Twm_SF3_ghDB75meGydyDrSFWq05wkBU33o46ZCp5Alq_hM0yzPrMSXjUwWaM3d-dzOQNU-nughDz-WD9oMmqpI-Ufp3mmoksG9LORurEqNjEuKtH8eai3b5cY7CnPEN9CS9w_63RGyAvNtJGYuea446g3WFsdnit4UTpa9hut9I6dS37SItPc0zyM6wiqiIu3fojAZBgZq1s_HYOIt7iXbShh4AJKpOQWt7O1171nKuYEqBTzMjoIo2euhiyD85lhcbwbBU2HxMCWauXuYlOBVg3O10hpPlnhGnmsD1rA3k6cjKe7V9NiwT7vlCpKCrNhEYegGfJGBSN8U-kMu5wfwMxpri8QXmE3d2P3u2Dz19W4iW206WWws4S2z6DokGuxNWAvb7_zVQWb71YwGm-7wOt-h19OPMewk9MSGmRHpS1aFhmUy0DBO7XSEwqR1Q6kYWRKb5eHAG8O7_aB0wFRCklT3DHJ4-h0w3G3wYhw7mF3VPzNVUij3iUExxpSa_sVpJi4DHIuS9bMdGoKrZLf_9zReUovQ75EnT5tGowFWre0JNgJ3Wl8FEcPgD6-650GQh5EHoTfJeLwabRGScmBBE7ryB2PYd7fGtsv9ZSHNNNg3mYoem7CB_7aq64rXpfsibjtCthXllaQ-Ez1Z3bx4dZwkNmrii-NPSP-2ELM82mjoUhLKvNG3IxrK6Q_B4kFO9C5IOuzCarHJ7nlHXYe5wpVDVXYy9t4rt3XUxN8qoOSvgpMZM8TegvA_KKz-4vjmuGe0Yzqt5K_froUEoFFwtXq-ZJYilC0bcbzW91NdRRWm-La8bpJRL_BESUD3uV2cnD6AWwNyEMTJPv4DJaYLOmSXK2iz7Mpoo1mt4bOPvhJgVh29rOXuWB5T2Z9J9rFBBNFiBKyDw0T2xY5m4L4JEMK2h8h5lsXe3Fe3m0SWgq1A_qcIo28KMiIh37rSfd8f7gXWJD8rIXovHOq8Qd2CBDhlMrbM-31LQ_koVBVGk4N5h2sHvtynHdH8AN9D_gwaMprBDaklD6oW-s-l0l-76EY7TkhFi8tDBC3Wuqm3xBoZm7cKzChRu-wwB5c3mNuZa3x3qI_S2jok7Cuq3o27XccagTwTabQ&sai=AMfl-YQV61ZjzRRanub6_IsBmUCTDp2I3_EB5AUYJA3hs1_N_n9brT6OUuJ4cHjpyu91pWcOZcN5ad0rSBl24l1uHjfiFwoW7xwXMMA9dY18HTDBYF5WuqCa5e4eUFE77RaxL3WsId8mN7vdMJ0Yqqs3JEBuBN2pvNDGnaEqv4IUe9Aa070nPYOQIqvDwc9B-VMITA9i6VHelLlBedKpffPFRB2DifO0D6FJ7XsQlos8x1ONCfcHA4JvFI57G4SeLOmZ4UbOZtZHWcpZ83HbS7WcduVlvrHi4yVES1nOn0Ya3MThf0qwbrwgPNi5FtynM6261bC2poPr-GbS2fVQJIUJjCP9EnuIObRcTQRzkVdPx43s8SWLKwo1T82IY27f68_2qTZvq9p3t5COG9EpuLKU5BsI6FEQDVhirAueIASxvPYs0aw7Y4oyo9ElqM5KlVOyGavR9vSYoZfEyTg5SX4gfvziQxCXftb4vWndvBADA49wJU5B4V-G_n7bb-HKjGE7GHEmY84GX50&sig=Cg0ArKJSzIsmYjqv7L3hEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jby51aw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=599&vt=11&dtpt=362&dett=3&cstd=235&cisv=r20240109.99877&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: upw.io
URL: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 172ms
90ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f48aae5f78b33d75ba9a6507dae246fc3e7ac9de3973cbcff5ea88ba04dcb4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0

POST
H3 204 rum Show response
upw.io/cdn-cgi/ 0
136 B 34ms
33ms XHR
text/plain 2606:4700:3037::ac43:c68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upw.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:c68f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://upw.io/4El/vios-adventerprisek9-m.spa.159-3.m6.qcow2
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://upw.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 844787994921dd88-LHR

GET
DATA 200
OK truncated
/ Frame 44D5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76da2f3a457cde270385d36fd1804b411afd571e7ebdbc1e3fb89615ebb5d55f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1D7E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd009cdf9d1807561bd8a0413b91e354aef280a07625b7f26e6deffddce897f0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8e538d265f10a19c1aa9f7c6b9711141.png
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 2B90 18 KB
18 KB 41ms
40ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/8e538d265f10a19c1aa9f7c6b9711141.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a695675497d7404dd1dfccd316436715d1c80504b45d3d5030e7db344471ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17997
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8e538d265f10a19c1aa9f7c6b9711141.png
s0.2mdn.net/sadbundle/1273970826915959027/media/ Frame 1C88 18 KB
18 KB 41ms
41ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1273970826915959027/media/8e538d265f10a19c1aa9f7c6b9711141.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a695675497d7404dd1dfccd316436715d1c80504b45d3d5030e7db344471ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1273970826915959027/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:28:27 GMT
date: Fri, 12 Jan 2024 14:28:27 GMT
x-content-type-options: nosniff
age: 15138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17997
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 13:03:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 18:40:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4792 13 KB
5 KB 42ms
42ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 17:40:04 GMT
expires: Sat, 11 Jan 2025 17:40:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E63 829 B
560 B 51ms
51ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b55c5dc5091a4f1b107fb2dd2d5eb22717606f9fb2e6012f632cfd544a6095ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2zBOBIQCP0c1VliC34ZvIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upw.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2zBOBIQCP0c1VliC34ZvIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:40:45 GMT
expires: Fri, 12 Jan 2024 18:40:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4792 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E63 0
0 75ms
75ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1219922275380327&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10C8 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf5UptIBp8-oUPfZxg0uOgV0CzObV-d-RTmwrQHf1Uz2uunxfzQu8CgxQfaK02AbIhsEz7rGQbue9J0b2slgPTHL8dimQM6SQc_lhRArAcpm-4QZ0IVc-Iq-SKOp_jd21YMIcg16qZHe4KBDwCV9rqlTSyx5E&sai=AMfl-YRB4yNqsz-PplojAIMCyl1WmlC9pRcpmnhUC7MBdH755bsAe7XrCVd1kaATNm_zD1T3fi0Li5ao1zjLUUKZcPnbvSAavRX6qUrrn1TAk73bvDwj6pdpRI5RMjgTAwH6DV5z5Xr_kUvaQ8csLrgS&sig=Cg0ArKJSzOG9o6KW7_ThEAE&cid=CAQSTgAvHhf_1qXwbKEO5uu39Bi0KB8ui8L2IqpCqmc5tMkSobjuMwk9qwaMuvxjN10vt5NYt0b6DPQppHrFjrxvnn2plFeUBM3y6B8N3Lb7LBgB&id=lidar2&mcvt=1005&p=0,0,180,700&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4075648247&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705084842742&rpt=1606&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4792 0
10 B 42ms
41ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5JuUmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:40:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
80ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1219922275380327&bg=!zs2lzYLNAAaumcC-jpk7ADQBe5WfOPIlqrVrpRT4SYmW1uBxmSqwyAkWUHM6hj79G6TRSNbLhjoccWFDckXuE0q_uqpjAgAAADhSAAAAAmgBBwoAfDHX7q5w1IoZGRjGLLlqMOYdsFLLVl3q4rpFWOJBBoNc-Fe32boVrk0bjCMl0nOvXxEkyzoxUMhxAK77TsrU6F4V1xTPJq0PhDS36abm2EvqaWk5h_QQ-T9K1dBu1POP8rOS1bSpJUf9x-exDrvJE_G_hZdJpX0kOA1bX8mZAquLRhRhQ4vcevJIthmzxmN22aClEKmA8k8zLam1KC2IpMucIH9EeOjts35aiHMI7IpXpXhVgLYBP7YO-zPhyo_BoGrF4VzjO9ctQITO8pFYju_5xwZmmVDWI8UnK6Gxc90-BDK0LajyvE0sSJQXx7Hhj3AxZIdZje-aXpxj-MCsx26GrN3Sgno8pCCK7cAgmLfeO0_1KHyoIHGMWBpxThpkECSQFsMrF0HwTlf_tfDXiaPdxtGa5eUP0qvfMxXmzBr3jv7vL21bYI7Y55sCo1qTxFJ5eG6UwK3hG1XPHYjvMIMn6JN7hNXG9tVef25XlIzEC14hv9ktNn3jenPtzAa8JaWgUA4br9VN-jpCzyiAlW0m0QKBR9rSf0PwD9XsnQvLkt7cEpus83uawnP6beon_8mqxfVLHu2XrLdphehzihLMtJCeqS64jM6xZk3kwSjyy3oedcmz_P63TbUVGmBMtUC_KJfwdjxMQFPr4hHm9AaJMB_rLemoZ_bl8Bzmvmkh6-08bryvVy76AfjSsRz_pXml4zvwsRnGP_FCqASw2JlnGHdVrF7qCGDckgBL5IKGCkNWVvk0sit6cMMc7LncgMcrpNyMaGy6PNA7CzmNkDyIFWlystUXLwxnkwHI6NN3GUFJw0mH_HgH9khQyMZe89xKVhq7jiIXb0k-AkjJ9uBQ9tD95jbcKG2q8ds4jxZnoc0JgFY-Fv-atPS8yYAN4it3D94JkujYnDor63Z2nPLMa2pprN86cazzqu-b9zdi9eytDWa224IIAxX8QJDHcbuctPwK4Xn-RHEs2XspwZx3ICamqM62c_05Fvty1no9pExqevG2WbZc6RAw_AqvujadEoBzfuNLkLtT2cqPI2R-DZtqWqgoC82AfXIpFBX89hqCKXu4SZSAKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://upw.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44D5 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp5ZOaDE1wId8dBX7RWel6TppmLUL_TYIb0_OstdtnHFsZk0VVRVFnqWeLdqyvHxqElL414_25d--cs7rA3XPC0KP1sYetaOY3TtGe8MxVl3LoRSou8RRsrP_hUj10-KvNuxJpwblKmBjeGL2CLSSibXgB52Q&sai=AMfl-YTyzLPnAIwOmBV1KypFXe-HIbOiof1PxoSdC05Ye0r-liQOcp-mFmfd-YuyW0hD39K_1Y738wBG7p2mwRFsYLFBruosK7q9jGYUXDzaUOpygJrFkvW807Oxhal_-4cspON70Tvt6W5r11Yv6-cvOw&sig=Cg0ArKJSzKoKsBKUpMdUEAE&cid=CAQSTwAvHhf_Tj8Ry_T25ET1vJBfmURILRSGlPBbBw6C8Sg_QfSKOdaExNQZkYd0FcCwhuS3ZYmPweXSWZPY53Tk6B4veeozlOAsUK6vGDURzNMYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705084844382&rpt=448&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D7E 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF6X1gZ6wyXPrHTNpsPiidagTFASgHvBNXobmtTBdL3mbhJMYmV5oB6LB5LSE9zksuiLnps5gdyOnxfPx7_mxfCiCwROezEHWvn4DUHpleKpSgu5BKgePHck_RqZ5V2NbLZPvCu6eNPTcICQzrVz7BU5MDSZc&sai=AMfl-YTmP7hC4GgZbZv0JoVJGBFGyCNgz-RCesSm-4NdS_LnRwgnGs5--Xlgijyp1OTG5rugmIgnNhPR-NunWN87eE0Xk1BzyQU5akfwzqO-yz4fH0RzMxFdgKllOCktDus73nS-7aTh76OMFfs0JEVwKg&sig=Cg0ArKJSzKvCfF1ZRh03EAE&cid=CAQSTwAvHhf_Tj8Ry_T25ET1vJBfmURILRSGlPBbBw6C8Sg_QfSKOdaExNQZkYd0FcCwhuS3ZYmPweXSWZPY53Tk6B4veeozlOAsUK6vGDURzNMYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705084844397&rpt=341&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 18:40:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.trustedstats.com
URL: https://analytics.trustedstats.com/piwik.php?action_name=vios-adventerprisek9-m.spa.159-3.m6.qcow2%20-%20UPW.IO&idsite=1101&rec=1&r=501329&h=18&m=40&s=42&url=https%3A%2F%2Fupw.io%2F4El%2Fvios-adventerprisek9-m.spa.159-3.m6.qcow2&_id=ca6e95659d6a4024&_idn=1&send_image=0&_refts=0&pv_id=DJKLje&pf_net=87&pf_srv=208&pf_tfr=2&pf_dm1=434&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upw.io/	1970-01-20 17:39:31	Name: filehosting Value: tishrvk79k6a6gcgdcipf6jvbe
.upw.io/	1970-01-20 17:39:31	Name: _gid Value: GA1.2.1220642597.1705084843
.upw.io/	1970-01-20 17:38:04	Name: _gat_gtag_UA_125798141_1 Value: 1
.upw.io/	1970-01-21 03:14:04	Name: _ga Value: GA1.1.1257163246.1705084843
upw.io/	1970-01-21 03:04:00	Name: _pk_id.1101.e1dd Value: ca6e95659d6a4024.1705084843.
upw.io/	1970-01-20 17:38:06	Name: _pk_ses.1101.e1dd Value: 1
.upw.io/	1970-01-21 02:23:40	Name: cf_clearance Value: iNXbQun1RCQE7g705mebBemfQwlivDDPh29WP4cvs50-1705084842-0-2-883b1d5d.e5cd95f.119d4789-0.2.1705084842
.upw.io/	1970-01-20 19:47:40	Name: _fbp Value: fb.1.1705084842875.248816563
.upw.io/	1970-01-21 02:59:40	Name: __gads Value: ID=b2dc271d91b3a9fb:T=1705084842:RT=1705084842:S=ALNI_MZUGSqByVM2QN348lvKQpQkPlMO3g
.upw.io/	1970-01-21 02:59:40	Name: __gpi Value: UID=00000cf4c103b631:T=1705084842:RT=1705084842:S=ALNI_MawB2F4PdDv7b3dROKghvFjr3SYAQ
.doubleclick.net/	1970-01-21 02:59:40	Name: IDE Value: AHWqTUlI5qzQmKK-_uuPrS8pmodU6o61b1PkEuVBp5yhsMQIs764mjpzsWv9hjAZPWc
.doubleclick.net/	1970-01-20 17:38:08	Name: DSID Value: NO_DATA
.upw.io/	1970-01-21 03:14:04	Name: _ga_T4291L0VVF Value: GS1.1.1705084842.1.0.1705084844.58.0.0
.googleadservices.com/	1970-01-20 19:47:40	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 19:47:40	Name: uuid2 Value: 4286002577766672655
.adnxs.com/	1970-01-21 03:14:04	Name: XANDR_PANID Value: Z-ZBSQcmdJJkQGvhRVoOxGjvytBa_j8ZOX5lWP5kDn8wKbFbVDj1Ua5XQaU0ZZTHOpekDytL5pWsp9J1AcnpH42DGHKeQp1mT4gn6VAS6Wk.
.adnxs.com/	1970-01-20 19:47:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>3CM5I!@wnfH8K6pQK`!5=E<L5?%Lf.Tg0lh0rimmdCF3lKC82)FE)?MI7OlOLOEP(hw9P-HC_#tu@X)zYT
.casalemedia.com/	1970-01-20 19:47:40	Name: CMPS Value: 4404
.casalemedia.com/	1970-01-21 02:23:40	Name: CMID Value: ZaGHrFH-d8AJ0xnJRSiWrAAA
.casalemedia.com/	1970-01-20 19:47:40	Name: CMPRO Value: 4404
.doubleclick.net/	1970-01-20 21:57:16	Name: APC Value: AfxxVi6CpdMfZ2ms9KbA4enXwAqHpvDjBi5mBdWduo_-cdHfrs0IsA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/185600485576186?v=2.9.140&r=stable&domain=upw.io(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
ad.doubleclick.net
analytics.trustedstats.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
s7.addthis.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.teads.tv
syndication.exdynsrv.com
tpc.googlesyndication.com
upw.io
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
analytics.trustedstats.com
104.18.36.155
142.250.185.98
172.217.23.102
2001:4860:4802:32::36
216.58.206.34
23.35.237.56
23.45.238.53
2606:4700:3030::ac43:855f
2606:4700:3037::ac43:c68f
2606:4700::6810:3865
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c07::9c
2a02:6ea0:c700::17
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.244.159.8
37.252.173.215
95.211.229.246
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
02945e324e7c86a1ee921da7d8fa596a9c11878ccfe839ac70f8badcb674d522
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c41af7e4dfb420a78275fdb8dead8856efd702eee5e441889e29c164658225f
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0cca9c2524a2c257cc53c398be0731ec07a02159b8a8f02dc5995a820808ebef
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
2ba990faaad8198719efac063a6ec699b548708b555a3ef7821fd6899a8556ce
2bc761215b52c02ebf9a49783b8c3458b14ab15ab1a527836e75f79fee92b423
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3039c879c1c6517cb0e366ee5e1f189bd947a6adbc588609ddd26809ed65d6d6
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33bc670010d16d33508963e7da17cae4bd5d97da674f47cceb5cd1740dbd397b
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59bb97e54ebf701e377333b782461bc864b36f2e500d3cd3e96ebc2eb54f1c23
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a695675497d7404dd1dfccd316436715d1c80504b45d3d5030e7db344471ab4
6e5cdcba383ad56725238d9f6a38195fbd8be2576a2c82c2608d174039e72392
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
76da2f3a457cde270385d36fd1804b411afd571e7ebdbc1e3fb89615ebb5d55f
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
7ed655176fcd1abb88841f5f250fa16c094849d9c5885d319ffbe97995b94355
84aa07329178b3b8e71687b24b49a35d924c996244ca875c5f2656f2cb63d3c1
86e9627f38621481d60d51f4bed9e425b31d1741d0c49dfd15c78e3d92497d6d
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
942c6c5d7383fe4edf48af78c1dd9cc7c417c781e14a0b7fec809810965ecb70
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9e7fa543586285f42f9ec7902918d70535973c4ac80a4389b17dcf3413c92418
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a92a98c5f5245daff1abaff565ae26359f85d4cd1d383ff6e50cd599cf5b3e49
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acf3e73505ca2824ebaa2354cfb381622f688dd1d2322111bb42d1a3dc8c2330
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22d798dfd9dc5be985cd04beb3744f681ceb8610d8b513d103f20d92c63fd98
b444b7187238845b5167ee66947acc42a1b602023f32c9d39bf09bcabf3e708c
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
b55c5dc5091a4f1b107fb2dd2d5eb22717606f9fb2e6012f632cfd544a6095ab
b6919dd92f8162e9d8b6642769217b9472c5bf423cdf82df50301a8af50ee53a
b712033ea1c370616c3105391e98e4867cea0159be8444ddd20249ea9888c950
bd009cdf9d1807561bd8a0413b91e354aef280a07625b7f26e6deffddce897f0
c017f0c3dc847b0c447f1b235f901f29cfb28d054edb6d94ebf5b837e01add11
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
c9361ed0b939e2c6f5a10f75b020358df0a39bc7b68ed714dbd4671293a09656
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
ce82a3b85c6a22fa16531735765e954bc51c0e81e11e5945cff55b5b4325c571
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d39f20603fb0061a4d6b72aedcad5c7b6e19d8da5ec28b7f13d2f879dc0740ae
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6e5770d873b4f9e048c7b3ebd66b0884ce02799cbf4e8d5036386e55e707e57
dc3e1c7f25f8898edf9bba53c1cf0730271371e373bdd4dad4535cecedf85ba3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e6f3b2664be65e6f4e5a6fab4e0be14d511ddd87663615ab30f6fb1488c4be94
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0793726f5644132a1089a4bda6c2b3d0b145dac24c78db0618f4a5dd0f64c4
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f48aae5f78b33d75ba9a6507dae246fc3e7ac9de3973cbcff5ea88ba04dcb4da
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

upw.io Open in urlscan Pro 2606:4700:3037::ac43:c68f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

90 %HTTPS

69 %IPv6

22 Domains

29 Subdomains

30 IPs

5 Countries

2416 kBTransfer

7109 kBSize

21 Cookies

7 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

upw.io Open in urlscan Pro
2606:4700:3037::ac43:c68f Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

90 %
HTTPS

69 %
IPv6

22
Domains

29
Subdomains

30
IPs

5
Countries

2416 kB
Transfer

7109 kB
Size

21
Cookies

200 HTTP transactions
5 data transactions