urlscan.io logo urlscan.io
SecurityTrails logo

123.wo80.com Open in urlscan Pro
47.52.97.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hh14.com/
Effective URL: http://123.wo80.com/tao.php
Submission: On February 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 91 HTTP transactions. The main IP is 47.52.97.92, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is 123.wo80.com.
This is the only time 123.wo80.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    47.52.97.92 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
hh14.com
123.wo80.com
16    2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    240e:946:6002:211:3::3dd (China)

ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN)
s104.cnzz.com
1    103.235.46.191 (None, )

ASN- ()
hm.baidu.com
11    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
22    2607:f8b0:4004:c08::84 (None, )

ASN- ()
tpc.googlesyndication.com
4    2607:f8b0:4004:c08::5e (None, )

ASN- ()
www.gstatic.com
4    2607:f8b0:4004:c19::95 (None, )

ASN- ()
s0.2mdn.net
7    142.251.167.154 (None, )

ASN- ()
cm.g.doubleclick.net
5    104.18.36.155 (None, )

ASN- ()
dsum-sec.casalemedia.com
6    68.67.179.155 (None, )

ASN- ()
ib.adnxs.com
2    2607:f8b0:4004:c06::5f (None, )

ASN- ()
fonts.googleapis.com
3    142.251.111.149 (None, )

ASN- ()
ad.doubleclick.net
2    99.86.102.117 (None, )

ASN- ()
bucket.cdnwebcloud.com
Domain Requested by
22 tpc.googlesyndication.com googleads.g.doubleclick.net
hh14.com
tpc.googlesyndication.com
18 pagead2.googlesyndication.com 123.wo80.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
hh14.com
tpc.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
hh14.com
7 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 123.wo80.com 1 redirects hh14.com
123.wo80.com
5 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 s0.2mdn.net hh14.com
googleads.g.doubleclick.net
s0.2mdn.net
4 www.gstatic.com googleads.g.doubleclick.net
3 ad.doubleclick.net hh14.com
2 bucket.cdnwebcloud.com s0.2mdn.net
hh14.com
bucket.cdnwebcloud.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 hh14.com hh14.com
1 hm.baidu.com 123.wo80.com
1 s104.cnzz.com 123.wo80.com
0 www.google.com Failed googleads.g.doubleclick.net
0 imasdk.googleapis.com Failed googleads.g.doubleclick.net
0 www.googleadservices.com Failed 123.wo80.com
91 18

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.cdnwebcloud.com
Amazon RSA 2048 M03		 2023-08-23 -
2024-09-21		 a year crt.sh

This page contains 19 frames:

Primary Page: http://123.wo80.com/tao.php
Frame ID: 3EA2F3952D641FAD316971DF3DCC8ED7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html
Frame ID: 6F51E29F20CF5599B33FFD261F342C55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&adk=1812271804&adf=3025194257&lmt=1708038531&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F123.wo80.com%2Ftao.php&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708038531294&bpp=5&bdt=751&idt=253&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7159387965864&frm=20&pv=2&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: B64DF7102BC840ABED2B911815671A2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Frame ID: 76B73BF7B62AEDAA13C1B1638DE35412
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Frame ID: DF1E6B2249F49ED019F9C39ED8345854
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Frame ID: 6C1BD4AC1A358CC2AD7F826187999CA0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1707966828299&w=1200&fwrn=4&fwrnh=100&lmt=1708038532&rafmt=1&to=qs&pwprc=5110677249&format=1200x280&url=http%3A%2F%2F123.wo80.com%2Ftao.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1708038532094&bpp=1&bdt=1551&idt=1&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60%2C960x90&nras=2&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=12
Frame ID: 4230146A181D6465C46E5D18851F4B79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Frame ID: C3723C73BB56DD65A088C108C3EAE159
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: F5A8D6BC5E5540434BD8E3B46C52E5B5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Frame ID: 6542BF761A1EC4F1BE565A59074F0B9F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Frame ID: 8F7B915B5897765BCC2CE508E7320A0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY5sm2hgIwAQ&v=APEucNXYXHq3FOt8Tz-BsYfQnm8GIgt1Rz-uannUAYYqe3L1f3ulICqN59sgZFWgM_NlmZoDa0AGSMpNCiGrHa4cSZs3xC92fw
Frame ID: 317F54D4D251A17EE2A7F9E2CFD6D17B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Frame ID: 543704B7052CFC19045E6CDCEEAFD89F
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/pagead/drt/ui
Frame ID: BEAD5F406A1C767E346E5F7D0F80A557
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=iSyabDGB7Q&t=1&renderingType=2&ev=01_250
Frame ID: 46DCC815D14F1014C743582B8C527C5E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6DAE4C8BB44A17A3F4FDD095861A1393
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7AA1B1C577B259DFDAF42BE8D2BCBCFB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Frame ID: 2DA1E0D4E8465F141E83E4B4666FE90E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Frame ID: C778E0768562DD416136825B077864C7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

域名系统

Page URL History Show full URLs

  1. http://hh14.com/ Page URL
  2. http://123.wo80.com/ HTTP 302
    http://123.wo80.com/tao.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

91
Requests

71 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

16
IPs

3
Countries

1286 kB
Transfer

3759 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hh14.com/ Page URL
  2. http://123.wo80.com/ HTTP 302
    http://123.wo80.com/tao.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOUQeDI_b9_go4D3P2zSV0&google_cver=1
Request Chain 47
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6ZhNHM7.QAAE4gAGOcBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
Request Chain 48
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDbbxa9TcglCmnZ395Qk4G8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbbxa9TcglCmnZ395Qk4G8%26google_cver%3D1
Request Chain 49
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MDk3NzQ1MDY2OTg1MDkxOQ%3D%3D
Request Chain 73
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1
Request Chain 74
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6ZhNHM7.QAAE4gAGOcBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEON_s4k4oMu_DXmnyglgxoU&google_cver=1
Request Chain 76
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODYyNDgxMTQwMDI0NjY3OQ%3D%3D
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CfYA5g5nOZd_OKZCdtOUPhdCQgATzvYH0ddTjwZ3-Ed6Jq-zqGhABIOLCmmBgyYaAgNyjxBCgAf39jaUpyAEJqAMByAPLBKoEygFP0BsBz_MnKamPgt1UjfFxUO6MONZhwUERXNP4tmj3bT1b7C__jv8InMNWFrNY36S6bcj-oIT8j8OZGuMsdTbTtmKOtrs5LoW6TCgbOJgaaz3qk7LpoUFhBgawpvGMPoiM9hWJSj26rtZtTIXjCchx0s0TdoJGjrSb0aTWCLFdxNmmGXk-7dJyh7b6TdjQrL3syU5Y9inDml8i6QJTCCluH3PUbtE9t81EtZjFP5la-kaca0Dimh42Wm61U3bTeSLVwz_-jUanxnwBwATrvJufywSIBbyo5vdNkgUECAQYAZIFBAgFGASgBi6AB_213oQEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQi-EF0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WIr8w6-7roQDmgmuAWh0dHBzOi8vaW50ZXJuYXRpb25hbC5mZXJ0aWxlLmNvbS9jYW1wYWlnbi8lZTUlOWIlYmQlZTklOTklODUlZTQlYmIlYTMlZTUlYWQlOTUvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1pbnRlcm5hdGlvbmFsK3N1cnJvZ2FjeSslMjhOUyUyOSZ1dG1fdGVybT1wLW1heIAKAcgLAdoMEQoLELDRw5qizc7n2gESAgEDuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0xMDM4ODk5NzUyNjI4OTQ5GAA&sigh=Ld1DTXIJmZ8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_AqLtXx4uw0_iGaT2Bn2Za-Ok_uYJ356vk-aSdlkNoGjiKp5HsB09Lr3K1hjVJ65FqnKHN8JcrS2oCyTOI81-sO4FIhPip1yonxgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ccbe2b174daff040000000000000000%22,%222%22:%220xb2fbc3bd9982a5070000000000000000%22,%223%22:%220xea60295bd02e6b0000000000000000%22,%224%22:%220x16c864c38c8633470000000000000000%22,%225%22:%220xdfbb5ddfd6af87920000000000000000%22},%22debug_key%22:%2215549373896946890939%22,%22debug_reporting%22:true,%22destination%22:%22https://fertile.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211083677437%22],%2222%22:[%22true%22],%224%22:[%2202-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212356769752603118529%22}&andc=true

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hh14.com/ 		56 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hh14.com/
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/7.0.12
Resource Hash
b8d969ed05c3126fbfb485bbca45ad3e4aa9a06c5625c27b3e51faa3cd67483b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Feb 2024 23:08:46 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.12
1.js
hh14.com/js/ 		63 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
http://hh14.com/js/1.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d6954a408293e9a96be0825bf57878d7391b583327f3760b106fd11658ca05d0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://hh14.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Dec 2019 20:45:08 GMT
Server
nginx
ETag
W/"5df2a6d4-3f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=432000
Connection
keep-alive
Expires
Tue, 20 Feb 2024 23:08:46 GMT
Primary Request tao.php
123.wo80.com/
Redirect Chain
  • http://123.wo80.com/
  • http://123.wo80.com/tao.php
30 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://123.wo80.com/tao.php
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/7.0.12
Resource Hash
07f219948d3b81f4e34baa660ec34f410fab67986e8a1ef9b2e611e176aa92fd

Request headers

Referer
http://hh14.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 15 Feb 2024 23:08:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.12

Redirect headers

Connection
keep-alive
Content-Type
text/html;charset=utf-8
Date
Thu, 15 Feb 2024 23:08:48 GMT
Location
/tao.php
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.0.12
new.css
123.wo80.com/images/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://123.wo80.com/images/new.css
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
66382724ef5808cf25fc0d7bdfdc7ac1b11834116bba7a72c2997d7265fe5d19

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/tao.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2017 11:11:04 GMT
Server
nginx
ETag
W/"5a1fe748-7e4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
zzsc.css
123.wo80.com/images/ 		1011 B
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://123.wo80.com/images/zzsc.css
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bf16e10758391b61cf62ddf2f7655fbfa33f15f6346e178efa057f7f5088610a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/tao.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Nov 2017 14:34:33 GMT
Server
nginx
ETag
W/"5a16dc79-3f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
zzsc.js
123.wo80.com/images/ 		2 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
http://123.wo80.com/images/zzsc.js
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c2896e99bae61f50f44000ac75282087e77c0546d45d0ce1f4dbcbc56eaf0456

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/tao.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2014 02:30:34 GMT
Server
nginx
ETag
W/"52f98b4a-6d6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e71f80bb851032aadab0b38b259b5f5b38f8ac0afd9dbb6a03ad0f99c5baab87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51426
x-xss-protection
0
server
cafe
etag
11903982491871611647
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 15 Feb 2024 23:08:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
238cabc41e44bebaf99e6e1777b6ad9db81f65b2e89f64c5f4400da4561de447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54617
X-XSS-Protection
0
Server
cafe
ETag
12517547941321720120
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Thu, 15 Feb 2024 23:08:51 GMT
stat.php
s104.cnzz.com/ 		0
552 B 		Script
General
Check archive.org
Download Go to
Full URL
http://s104.cnzz.com/stat.php?id=403447&web_id=403447&show=pic1
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
240e:946:6002:211:3::3dd , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:07:56 GMT
content-encoding
gzip
Via
cache59.l2cn1821[0,0,200-0,H], cache26.l2cn1821[0,0], cache4.cn4653[0,0,200-0,H], cache24.cn4653[0,0]
Server
Tengine
Age
54
X-Swift-CacheTime
85
vary
accept-encoding
Ali-Swift-Global-Savetime
1708038477
X-Cache
HIT TCP_MEM_HIT dirn:10:223567999
cache-control
public, max-age=90
Connection
keep-alive
X-Swift-SaveTime
Thu, 15 Feb 2024 23:08:02 GMT
Timing-Allow-Origin
*
Content-Length
20
EagleId
968afc2c17080385311584983e
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Server
2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b45036a7fbbb989278a5a25698ec35bf8b215c53811986e5422ca7f7f33d776d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54608
X-XSS-Protection
0
Server
cafe
ETag
13072613404823712667
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Thu, 15 Feb 2024 23:08:51 GMT
record_Bg.png
123.wo80.com/images/ 		6 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://123.wo80.com/images/record_Bg.png
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/images/zzsc.css
Protocol
HTTP/1.1
Server
47.52.97.92 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
093ec573d92c0898036375591bdf04f45b28ec804ad948a26d19201e71b71b1e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/images/zzsc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2017 20:09:06 GMT
Server
nginx
ETag
W/"5a109362-1864"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?a482c90dcde69602577fa45525d7d7b7
Requested by
Host: 123.wo80.com
URL: http://123.wo80.com/tao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 -, , ASN (),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 23:08:52 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
04e53857d0c46c89933bb27675a6fa3f
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
336950ea8418758aac8d05d560c9a644fd6425fbbd73aa5f0c3e46a69f18f452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141170
x-xss-protection
0
server
cafe
etag
2701090251755808498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:08:51 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/ Frame 6F51 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
72124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 03:06:47 GMT
etag
3890843268177463596
expires
Thu, 29 Feb 2024 03:06:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B64D 		239 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&adk=1812271804&adf=3025194257&lmt=1708038531&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F123.wo80.com%2Ftao.php&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708038531294&bpp=5&bdt=751&idt=253&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7159387965864&frm=20&pv=2&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0ac0f3fa345ac2736eb26bd641ade1f0041a5ab8bfac014a4c35400db3316fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
71731
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:51 GMT
expires
Thu, 15 Feb 2024 23:08:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 76B7 		113 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a74f72e2cdb622aa8d5e75802013c0f7862decba4e72797c69b1e7bfd17e8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45729
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Thu, 15 Feb 2024 23:08:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF1E 		119 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
006087f10f05891a6530f7272dbbfd6e10225aa97c3fc2fa0c845e76385277ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41806
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Thu, 15 Feb 2024 23:08:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C1B 		125 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f754f3b002ce8d97ff3863ccf947ad5611c8dfd0fbc67c05346edc18cf1f348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43991
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Thu, 15 Feb 2024 23:08:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1421fddc778b047b7edf0e73d6d54374b1d21e4f8d65df71d5510e0b5733c828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://123.wo80.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
cafe
etag
11843903378658233248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:08:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4230 		838 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1707966828299&w=1200&fwrn=4&fwrnh=100&lmt=1708038532&rafmt=1&to=qs&pwprc=5110677249&format=1200x280&url=http%3A%2F%2F123.wo80.com%2Ftao.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1708038532094&bpp=1&bdt=1551&idt=1&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60%2C960x90&nras=2&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9de1148b962c36cbbc14e48a7885ef184a11df2f10375d9851e30da90259dfcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Thu, 15 Feb 2024 23:08:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DF1E 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame DF1E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 17:33:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DF1E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DF1E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DF1E 		204 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:52:06 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame DF1E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 May 2024 13:53:33 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/12935036793011063666/ Frame DF1E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12935036793011063666/14763004658117789537?w=195&h=102&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
32f92e97280dd837bcb37ceef6c37a62fd88d567e91a4d1575c9211dc5da8e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5741
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 13:38:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Feb 2025 23:08:52 GMT
5343998866071972343
tpc.googlesyndication.com/simgad/ Frame DF1E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5343998866071972343?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c85a6409fabbeadc356931dfc993ea5235349af7899d52a1e207f90654acbe17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8007
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 03:06:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Feb 2025 23:08:52 GMT
5d115d22c534f80a76417856e32eef9c.js
www.gstatic.com/mysidia/ Frame 6C1B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 04:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 May 2024 04:31:14 GMT
39b1936085524998ebfc7677a2ba517e.js
www.gstatic.com/mysidia/ Frame 6C1B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4466
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 15 May 2024 17:44:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 6C1B 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
24443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 6C1B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 17:33:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 6C1B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 6C1B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6C1B 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:52:06 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 6C1B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 May 2024 13:53:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C372 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Thu, 15 Feb 2024 23:08:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F5A8 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Feb 2024 10:04:47 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame F5A8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 02:56:05 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame F5A8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 03:08:52 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F5A8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:10:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
183524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 20:10:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame F5A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame F5A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F5A8 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:52:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFBIUmnohmrR1tZZxGPVvrtbSioMvOIWBZYToK8EX5ke1JEXp0Jb0u8aHhRoc05fvLUUxSFyZ1f0id3vtnZUqEbRk1IRvaq4SSaM5i_m1He4M81rE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=1519229338&adk=1168680760&adf=4215312757&pi=t.ma~as.1519229338&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531301&bpp=1&bdt=757&idt=275&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 6542 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 20:49:31 GMT
etag
3890843268177463596
expires
Thu, 29 Feb 2024 20:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 8F7B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://123.wo80.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 20:49:31 GMT
etag
3890843268177463596
expires
Thu, 29 Feb 2024 20:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame C372
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOUQeDI_b9_go4D3P2zSV0&google_cver=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOUQeDI_b9_go4D3P2zSV0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Protocol
H2
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAAURDboRdH2woe97aR6Ev5CCRG5atDFMUQ9QJes1rIPrJeXV6qp%2BmwK3zzyVOXuO%2Bwf8sZeoCzQU2T8NwEgGwt%2BtJ9Wh1aI5735SdgZnNkyzGp77HbYlThhZfT9qSq3iICmLcWza6QNNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8561371bec784c2a-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOUQeDI_b9_go4D3P2zSV0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C372
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6ZhNHM7.QAAE4gAGOcBAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkYm2g7t2qrJIqG5o6cYcwIw6HgrKEtLVyhk2pLJ5EUBcJeNDbfi54hipbgFF6v4%2FjCXnmGX5MnkrAElO5zPn8%2FI547hpG8aWXKLeg2kEXy7SAYdj0M9MVWaEjrZlcNzwiRlPw%2BpBvUNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8561371c8f80228d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame C372
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDbbxa9TcglCmnZ395Qk4G8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbbxa9TcglCmnZ395Qk4G8%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbbxa9TcglCmnZ395Qk4G8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Protocol
H2
Server
68.67.179.155 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
an-x-request-uuid
04f8b4a5-74b4-448d-ac14-591a9e28fd52
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.77; 38.132.118.77; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
an-x-request-uuid
dd6bad4c-26bc-40b5-b4fb-c859876fe941
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDbbxa9TcglCmnZ395Qk4G8%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.77; 38.132.118.77; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C372
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MDk3NzQ1MDY2OTg1MDkxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MDk3NzQ1MDY2OTg1MDkxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY_8_scTAB&v=APEucNX4vg1ctG0lNzWbeTnXfpo8clXqQHid7y1lxpASW3rw1iohKq1Ki8_TRRO1-9upOmjHW2T2ak1SCYZnGYYeSRLku3Ui_Q
Protocol
H3
Server
142.251.167.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
an-x-request-uuid
0ef5f44f-6a20-45ae-9aa4-e8dba42bfd13
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MDk3NzQ1MDY2OTg1MDkxOQ%3D%3D
x-proxy-origin
38.132.118.77; 38.132.118.77; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css2
fonts.googleapis.com/ Frame 6542 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 23:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 22:12:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 23:08:52 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 6542 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:57:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6487
x-xss-protection
0
server
cafe
etag
9214289930287671984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 22:57:05 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 6542 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
6041988417631582345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 23:01:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 317F 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY5sm2hgIwAQ&v=APEucNXYXHq3FOt8Tz-BsYfQnm8GIgt1Rz-uannUAYYqe3L1f3ulICqN59sgZFWgM_NlmZoDa0AGSMpNCiGrHa4cSZs3xC92fw
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 5437 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 03:08:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 5437 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 02:56:05 GMT
view
ad.doubleclick.net/pcs/ Frame 5437 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvPH0_VAQDQz_f4Y_XvAz8RT7RWT2dSA2-aF6QQieVhZJpk4lrTaa4SdIIG1xp6E_lc7hvhVMNqXhRT2ISES9aU26MZ_bwqu3jDrr5D5J9tlRDyiBKXey0UeR8NSOKexSMGJxkkCSLqlAzrUOR4pMgJ9Wy10e18xq-pjpRUShJvxOQN6z_giwBZswoOLSPiB4vNi9OFztCpEQekmSTkar5bn04itYXBIl0IwggHcMzuSZ_tvCbCjDkl_X-LScfR6WaFCkT1pCFrhaOnDfrkPltAvqzoM1Z_ipPC9aEge2lkQFxT8eZOoge7AdLBF87trvzWsmDMYb50QxvTGC_zvW4qNGQrsn8PYR_C_2yPJFzfYIAA_7uaMRDE0UaeCtdWH-KDBgRLe1X2qOBfpYahD6PHwC8gcFP3AmaW2JxHzDpbeMuzJyxaHIhDd-2nBB2J8PbS76ua3399PEL23u-uf_TMiuNEl-BFAA-fFUAB335An5mnQReQLDFhJGJBCFVZLpyDZeVrOJBAg319r1jkuoxfO28jmDQW9ND46cpxlj_C1nqQmoUvPdyb3KScn_Jdbok85KXxoQgWQwkZM5WsGmQKVYhCnjQ_ob6xwN1TgA6rJsX5JlKsPHY42Qu2asrCAHiowboy5gPQLLLm1refVpqMM3zF2De-JHePSvNXu01dzPkdX-IOMMw5Nv7fMeOcEP6AebP-EjSObd8WpJPbcvyfd7fFIa4CA4rGD4wgrJB-EhyR1KLJbjiA2tOjHXpS7pbDGeVc_p30YREk-Nj_DNXuvcBW2_d_cesiWXVsHpRWPCtaeECU3j6LnjuhhJk76vGDtNGJpf5t4ze4au1OUxN3BnMsGvicLNsYPC_1kEfCdvRJ-Hn1csCkGg-alt34WbKX2LL-KlJN5xoIC_s7RBeektGtki5rA1sFODlNqrQjzors_w1p3-jqBnWHUhwdGSz8u4g1JYvjVFb0c2JmPzMjfKEtBIPyqSHVs1eteogCaY2tNZpafcekJm2B8LgCRARgB5PigcpWZ7so8bIzAFk2WAt6_xnyZBXDRCY5Xj5mQwpQng8KoXKsTDlIpMGPVzSDvbTJOqSnlt30GL6j1jPP6gtdwE0nBziNwahiPzJBHSsF853CC2fJnxsEqUbwAYWmZwaWtrwDDrpUvBVW_J-luO8_RLrxUwKLkTZWcLqDlAgVLYGZUKxnz01pN9k8D4mO-Tk79g4OTlxDtdxbUDnc3j-XXJv8zM9FkB-lqVAgJKbfVflsoWZHyDnHlHfM-XXN0Ih4sFtfBBH39G-Bmcxk1j_KPVw0dHO667pmYKj67UCTlolcDUO96IE1QwMMCjNsvIeS5A&sai=AMfl-YRTDDCb-3o9jWKbiJswdLfx5mYJrRQpn1owDvsFeb-vTY1aebuzjDNefIXwbjfAXe-SXQPJaJ7bInooo5Uouj-gZgsiB7cDogL1QD9MH6QqMH3d9eQMjZDJQxUyTiz_oJLKt1GJdqQZU_P8vLRaeXHfXZWb1JxOm3DH47YZnCrSEaKom8v8mRCMhqjGYbprpwgkjO7NNeRcmPacR6irf9FA7pgT7hj1kZUF0s9SwtlgMFe61kafNf0FnLDcPt1roHo_sxF2A08Tg-UZwbM_uZXrrWsP361AEMw0bjUgkV6d0vrhcfEkUiA50aCAARvUtaN6dgh9RHniHwy9G9NWhW9AzuNtbt9KQ7T2OTSFTQOSkz8NIL4eJPV4EQr_2xvE42OsGoiHrPGIB8lQrzdLzNGghnwUkKsB2NmjXyao9hwkLi4wz-iBzpN3ifYZeLlyB4x-qBp82sggQXl3jt7xwFDiq_F-eFlUddljRuyNic3ZHDoTyFRj9V6K4ZWgdRQ4Fik0JSABn9OLaw&sig=Cg0ArKJSzL1o-hhtyly5EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240214.26506&arae=0&ftch=1&adurl=
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:08:52 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5437 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:10:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
183524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 20:10:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 5437 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 5437 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5437 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:52:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5437 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1AIf1RdsB0oxRwTdsGbkCoFuTvTLiWCMXay8WTb5luwTBR9zOBT7tTSayxK2UVYzdkEWjCYvx4R2YL1-tkcjH0dujatLDK4kYBFmL-0ZUA5BnSi8
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5288121106336378927
s0.2mdn.net/simgad/ Frame 5437 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5288121106336378927
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d05c7b162e4513156c790ee53a49796b9748126c25b66eddbdadc86cf3f0b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Fri, 14 Feb 2025 05:55:28 GMT
date
Thu, 15 Feb 2024 05:55:28 GMT
x-content-type-options
nosniff
age
62004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37379
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 03:05:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame F5A8 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed0a57625952a9aac15717b7a3e1ea08420e44e7791b5b2b55048cd3d0a2dba7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame BEAD 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=90&slotname=9477610402&adk=891782138&adf=384445494&pi=t.ma~as.9477610402&w=960&lmt=1708038531&format=960x90&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=306&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90%2C960x60&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=310
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3283
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:14:09 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DF1E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ffb6556df7f3f1918d5e86802171c0d74975dce7cbe9e0cd175cb10a43a778b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6C1B 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85a5440b36f1248ec599c3da3c3b972ef43f42106296f34ec2bcf99c325079dd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5437 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a4518a370c4bb7e043e87d24ff76704d7b9e9beeb9cfba85827840fbf9a1352

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame F5A8 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275803455&ord=4073016842
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.117 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:36:03 GMT
content-encoding
gzip
via
1.1 e0727dc57f70d6bb46ec563b2966be18.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
47167
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hhxUtlz3TLyslzgCqLtUG-Z43H9ucUe4WDQzDoJFAiZbEeMFs9oaiw==
index.html
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 46DC 		209 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=iSyabDGB7Q&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 23:08:52 GMT
expires
Fri, 14 Feb 2025 23:08:52 GMT
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F5A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvYYzMY739neTnstM4kcIql-ptou8Koh8gxKJmsGzGB3Jwq65Snf6PlsuDCSVgRThusQqoceF1fg-8UyN-JRwRghq59XsUywQF7HohLJFT0IrXDfdwXWLMTtJeRmuj-Z7I00IwMPSK0x0sU-cXh8Uuio0s6TVH9Ijl6EgoVjFa3Tuehv_Yuxi7HQAA8nz0af1kE92vwovmPAoXLnDC84rIAQjAeUsK-GvE5i46mM1C9gky3qv6Jrxq8oSkUQQtmzF2Dm5DaD_V2uSzA7McINGyyH0ERyOxL_p9Myug6NKaMAjG7oxEOHvi-P7t1IYU_er3da46tBPKd2c9WIx-Bjr2hCDCuYsTHSbsJjRKLBJOuNFL8Rl5eDlOGpeqCUWocxYpDlMdLr0Ae14oZC_420RFEbRojRcAWc15jJh-K2zLAlEQ7sApH-hGSjfvRbIV0gsKKWDFVoLUn6-gTg844bd30jwt4D2ejWotojO8p0a6jq6naw0YBYn5CFcKiuubl1sPttet30EFCaxJp1bECExAmM0u4SUvomu0-EPhjd8PFazqhAOZSbswvLdbv1QBjwDfpr8lwfP4DU1PQUVF4sP2BxlNCfXhzOWRhZ9DQdJmUtBcH4QOP_Mf2TdvGbFfVGSGaubVyF5d4LJet2SLPvP55o9Vok7NyxuZbe4Dj8Rpb5fTqBEDuluvbvDFRFGYCViMBLLYwRykPPjmdb7S-KSffr_5m96-LPwHZa7LIY6SKjlKGaf-8Y9lm8A4X1MWM6Ls4QWYSTDTIacMKMkBbc7921w-Q2wKAMR-uZdi2BJUUECcn2CBb2mDtLD8A7vyAmfcP2T4DIlFhgKf1Ga0xndeR75j3hKHm1MtWjpLXFA1OYicIwsK8IfFRP_QA9L4iEPwthVvoKO2JmlGBiZKmd1Dikf_80I3F0m_D-Ai-V6rvkLhXNME-Te0jnQeE6aIug0iXhab6lw2QVBt0IPa9zcDZp5hMIKAOgQmdc4x3jhfFC_IoCBfM1wfR6Ca778M3D16HEA-UVFyOexbg1u_gyHStdwl3x2iAnQWjH51nKJx08t-9xmo22K_AykAbO4MBiTO9oGoViAMoVuMyc74K3gy2bw0ahgJ7dKKR3EgtGCepJ3hH0K8BF8mT3-RyExX46FqBwJqnWIaoS_jWpsnO77eTcVki4WcCP2nT8LkjEmCqU5sWFqMbsmbqIHi3l7jhmw4IHQGE8VKcyA9x3iXc6fmL5vxKtSzPardr8KWEN19igrTTr1Jp0AmylAVwSQf4IsGab0JIziYiPfF30jHC4XKr34sXjRemPlynthqqtkuqzqzd6yulDj-M4cJ8pW3Jgk6J511GdUT5pokY3uG1Kaw&sai=AMfl-YTONgzFdfnfVwkJsnUJ5x8owap9DNAkvJhN8KS02MTIN5cHI8k3im4NBjbx2s7QuC5n0L7Tdm3bKt4ByUanD5iSOK2mFj8BKIflmjZ0JcERRd-SHOyZ4O_U8undeiIc31S-YVpywxhVHo08Emo1BfCCL9CynhcUfnQxmM9VCuUJs7OioAK795zDRyC-xsIb7PQbOitsFcV9-YGSkqSS_BjBgwyln92nIHBvY7bSbws1HAxOCXM88JYKFOrUHsnc8qO0IRYsCJ-FwLTMC-0mQaQVrKB8njh_Yj_O3GbU4SlBCnTmHNqGSNq1Wxgt1TK4XcU-7omlxreKDY7U7OIGTH1GSFItYTn4qUNJ1IIpyKseDEqIfbKeWfRaJFAKtx-CkEY_ttZTibxOOPSijLDtW7cKSVLl1MW8MBQxFfnGt5ZFRWcrfbaoya9IFN4RjCEevJXICOuO0qbkCC1-rV7a9pidaXXHaPYvRyhh7yTIsmFjewwvHCm5HEoUgi0U-3nw7nm36Lk&sig=Cg0ArKJSzJ2GbWqeckKUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=400&cbvp=1&cstd=391&cisv=r20240214.96715&arae=0&ftch=1&adurl=
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:08:52 GMT
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame F5A8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275803455&ord=4073016842
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.117 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 10:36:03 GMT
content-encoding
gzip
via
1.1 e0727dc57f70d6bb46ec563b2966be18.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
47167
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
D670V-7Y8FGXOYDV8R_jhQklSw_ZPH3gBXlLLFSKd2EexVKVMnQtOg==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6DAE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
122981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 12:59:11 GMT
expires
Thu, 13 Feb 2025 12:59:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 317F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY5sm2hgIwAQ&v=APEucNXYXHq3FOt8Tz-BsYfQnm8GIgt1Rz-uannUAYYqe3L1f3ulICqN59sgZFWgM_NlmZoDa0AGSMpNCiGrHa4cSZs3xC92fw
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Ffcoio0NbJyl9TvQHHM9bM52SDJphij%2BMMqJ1TMId7EtROH%2ByCBWb1Yg%2BXYEfjZ58zsn6dWkVS34O9PCascLPMIvEFk3Rr5ZGpuZwxyw%2FpBq%2FnHdqhgNzmogRV8jCG1iXiVo5UYZYEjdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8561371d3875228d-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 317F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6ZhNHM7.QAAE4gAGOcBAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
0
0
setuid
ib.adnxs.com/ Frame 317F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEON_s4k4oMu_DXmnyglgxoU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEON_s4k4oMu_DXmnyglgxoU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY5sm2hgIwAQ&v=APEucNXYXHq3FOt8Tz-BsYfQnm8GIgt1Rz-uannUAYYqe3L1f3ulICqN59sgZFWgM_NlmZoDa0AGSMpNCiGrHa4cSZs3xC92fw
Protocol
H2
Server
68.67.179.155 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
an-x-request-uuid
50efcfaf-d046-446a-9556-3487585f368d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.77; 38.132.118.77; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEON_s4k4oMu_DXmnyglgxoU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 317F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODYyNDgxMTQwMDI0NjY3OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODYyNDgxMTQwMDI0NjY3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY5sm2hgIwAQ&v=APEucNXYXHq3FOt8Tz-BsYfQnm8GIgt1Rz-uannUAYYqe3L1f3ulICqN59sgZFWgM_NlmZoDa0AGSMpNCiGrHa4cSZs3xC92fw
Protocol
H3
Server
142.251.167.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 23:08:52 GMT
an-x-request-uuid
fda53b5e-6350-4417-ab1e-c0edcffab8bc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0ODYyNDgxMTQwMDI0NjY3OQ%3D%3D
x-proxy-origin
38.132.118.77; 38.132.118.77; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7AA1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
122981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 12:59:11 GMT
expires
Thu, 13 Feb 2025 12:59:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 5437 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvPH0_VAQDQz_f4Y_XvAz8RT7RWT2dSA2-aF6QQieVhZJpk4lrTaa4SdIIG1xp6E_lc7hvhVMNqXhRT2ISES9aU26MZ_bwqu3jDrr5D5J9tlRDyiBKXey0UeR8NSOKexSMGJxkkCSLqlAzrUOR4pMgJ9Wy10e18xq-pjpRUShJvxOQN6z_giwBZswoOLSPiB4vNi9OFztCpEQekmSTkar5bn04itYXBIl0IwggHcMzuSZ_tvCbCjDkl_X-LScfR6WaFCkT1pCFrhaOnDfrkPltAvqzoM1Z_ipPC9aEge2lkQFxT8eZOoge7AdLBF87trvzWsmDMYb50QxvTGC_zvW4qNGQrsn8PYR_C_2yPJFzfYIAA_7uaMRDE0UaeCtdWH-KDBgRLe1X2qOBfpYahD6PHwC8gcFP3AmaW2JxHzDpbeMuzJyxaHIhDd-2nBB2J8PbS76ua3399PEL23u-uf_TMiuNEl-BFAA-fFUAB335An5mnQReQLDFhJGJBCFVZLpyDZeVrOJBAg319r1jkuoxfO28jmDQW9ND46cpxlj_C1nqQmoUvPdyb3KScn_Jdbok85KXxoQgWQwkZM5WsGmQKVYhCnjQ_ob6xwN1TgA6rJsX5JlKsPHY42Qu2asrCAHiowboy5gPQLLLm1refVpqMM3zF2De-JHePSvNXu01dzPkdX-IOMMw5Nv7fMeOcEP6AebP-EjSObd8WpJPbcvyfd7fFIa4CA4rGD4wgrJB-EhyR1KLJbjiA2tOjHXpS7pbDGeVc_p30YREk-Nj_DNXuvcBW2_d_cesiWXVsHpRWPCtaeECU3j6LnjuhhJk76vGDtNGJpf5t4ze4au1OUxN3BnMsGvicLNsYPC_1kEfCdvRJ-Hn1csCkGg-alt34WbKX2LL-KlJN5xoIC_s7RBeektGtki5rA1sFODlNqrQjzors_w1p3-jqBnWHUhwdGSz8u4g1JYvjVFb0c2JmPzMjfKEtBIPyqSHVs1eteogCaY2tNZpafcekJm2B8LgCRARgB5PigcpWZ7so8bIzAFk2WAt6_xnyZBXDRCY5Xj5mQwpQng8KoXKsTDlIpMGPVzSDvbTJOqSnlt30GL6j1jPP6gtdwE0nBziNwahiPzJBHSsF853CC2fJnxsEqUbwAYWmZwaWtrwDDrpUvBVW_J-luO8_RLrxUwKLkTZWcLqDlAgVLYGZUKxnz01pN9k8D4mO-Tk79g4OTlxDtdxbUDnc3j-XXJv8zM9FkB-lqVAgJKbfVflsoWZHyDnHlHfM-XXN0Ih4sFtfBBH39G-Bmcxk1j_KPVw0dHO667pmYKj67UCTlolcDUO96IE1QwMMCjNsvIeS5A&sai=AMfl-YRTDDCb-3o9jWKbiJswdLfx5mYJrRQpn1owDvsFeb-vTY1aebuzjDNefIXwbjfAXe-SXQPJaJ7bInooo5Uouj-gZgsiB7cDogL1QD9MH6QqMH3d9eQMjZDJQxUyTiz_oJLKt1GJdqQZU_P8vLRaeXHfXZWb1JxOm3DH47YZnCrSEaKom8v8mRCMhqjGYbprpwgkjO7NNeRcmPacR6irf9FA7pgT7hj1kZUF0s9SwtlgMFe61kafNf0FnLDcPt1roHo_sxF2A08Tg-UZwbM_uZXrrWsP361AEMw0bjUgkV6d0vrhcfEkUiA50aCAARvUtaN6dgh9RHniHwy9G9NWhW9AzuNtbt9KQ7T2OTSFTQOSkz8NIL4eJPV4EQr_2xvE42OsGoiHrPGIB8lQrzdLzNGghnwUkKsB2NmjXyao9hwkLi4wz-iBzpN3ifYZeLlyB4x-qBp82sggQXl3jt7xwFDiq_F-eFlUddljRuyNic3ZHDoTyFRj9V6K4ZWgdRQ4Fik0JSABn9OLaw&sig=Cg0ArKJSzL1o-hhtyly5EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=281&vt=11&dtpt=279&dett=2&cstd=0&cisv=r20240214.26506&arae=0&ftch=1&adurl=
Requested by
Host: hh14.com
URL: http://hh14.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 23:08:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Feb 2024 23:08:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame DF1E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CfYA5g5nOZd_OKZCdtOUPhdCQgATzvYH0ddTjwZ3-Ed6Jq-zqGhABIOLCmmBgyYaAgNyjxBCgAf39jaUpyAEJqAMByAPLBKoEygFP0BsBz_MnKamPgt1UjfFxUO6MONZhwUERXNP4tmj3bT1...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ccbe2b174daff040000000000000000%22,%222%22:%220xb2fbc3bd9982a5070000000000000000%22,%223%22:%220xea6029...
0
0
-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
pagead2.googlesyndication.com/bg/ Frame 2DA1 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1038899752628949&output=html&h=60&slotname=1182642820&adk=2920449797&adf=4261137787&pi=t.ma~as.1182642820&w=960&lmt=1708038531&format=960x60&url=http%3A%2F%2F123.wo80.com%2Ftao.php&wgl=1&dt=1708038531302&bpp=1&bdt=758&idt=293&shv=r20240214&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x90&nras=1&correlator=7159387965864&frm=20&pv=1&ga_vid=1557271615.1708038532&ga_sid=1708038532&ga_hid=1646998709&ga_fc=0&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081153%2C31081186%2C44798934%2C95323741%2C95324580%2C95325069%2C95321957%2C95324155%2C95324160%2C95325076&oid=2&pvsid=4126327812283878&tmod=91281302&uas=0&nvt=1&ref=http%3A%2F%2Fhh14.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
71872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19793
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 03:11:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 46DC 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=iSyabDGB7Q&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=iSyabDGB7Q&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Feb 2024 18:47:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame C778 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 17:33:33 GMT
css
fonts.googleapis.com/ Frame C778 		9 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 23:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 21:18:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 23:08:52 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame C778 		0
0
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame C778 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame C778 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
24447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 16:21:25 GMT
ui
www.google.com/pagead/drt/ Frame BEAD 		0
0
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 6DAE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 19:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
13126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 19:30:06 GMT
-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
pagead2.googlesyndication.com/bg/ Frame 7AA1 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
71872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19793
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 03:11:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0
Gotham-Medium.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 46DC 		0
0
Gotham-Bold.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 46DC 		0
0
noah.min.js
bucket.cdnwebcloud.com/ Frame F5A8 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI0zy25P3O3G3hwi7vX0Ack&google_cver=1&google_hm=2
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ccbe2b174daff040000000000000000%22,%222%22:%220xb2fbc3bd9982a5070000000000000000%22,%223%22:%220xea60295bd02e6b0000000000000000%22,%224%22:%220x16c864c38c8633470000000000000000%22,%225%22:%220xdfbb5ddfd6af87920000000000000000%22},%22debug_key%22:%2215549373896946890939%22,%22debug_reporting%22:true,%22destination%22:%22https://fertile.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211083677437%22],%2222%22:[%22true%22],%224%22:[%2202-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212356769752603118529%22}&andc=true
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Domain
www.google.com
URL
https://www.google.com/pagead/drt/ui
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1ccbe2b174daff040000000000000000%22,%222%22:%220xb2fbc3bd9982a5070000000000000000%22,%223%22:%220xea60295bd02e6b0000000000000000%22,%224%22:%220x16c864c38c8633470000000000000000%22,%225%22:%220xdfbb5ddfd6af87920000000000000000%22},%22debug_key%22:%2215549373896946890939%22,%22debug_reporting%22:true,%22destination%22:%22https://fertile.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211083677437%22],%2222%22:[%22true%22],%224%22:[%2202-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212356769752603118529%22}&andc=true
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Medium.otf
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Bold.otf
Domain
bucket.cdnwebcloud.com
URL
https://bucket.cdnwebcloud.com/noah.min.js?1708038532827

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| H$ function| H$$ function| slider object| adsbygoogle object| _hmt object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlmDchML8ZWsjglwlcBanEdyplsF8FceGk6dE5fmO8cTXcBuDq90cl8dfdE

73 Console Messages

Source Level URL
Text
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://123.wo80.com/tao.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123.wo80.com
ad.doubleclick.net
bucket.cdnwebcloud.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
hh14.com
hm.baidu.com
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
s0.2mdn.net
s104.cnzz.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
bucket.cdnwebcloud.com
dsum-sec.casalemedia.com
imasdk.googleapis.com
s0.2mdn.net
www.google.com
www.googleadservices.com
103.235.46.191
104.18.36.155
142.251.111.149
142.251.167.154
240e:946:6002:211:3::3dd
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c19::95
47.52.97.92
68.67.179.155
99.86.102.117
006087f10f05891a6530f7272dbbfd6e10225aa97c3fc2fa0c845e76385277ae
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
07f219948d3b81f4e34baa660ec34f410fab67986e8a1ef9b2e611e176aa92fd
093ec573d92c0898036375591bdf04f45b28ec804ad948a26d19201e71b71b1e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
1421fddc778b047b7edf0e73d6d54374b1d21e4f8d65df71d5510e0b5733c828
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
238cabc41e44bebaf99e6e1777b6ad9db81f65b2e89f64c5f4400da4561de447
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2d05c7b162e4513156c790ee53a49796b9748126c25b66eddbdadc86cf3f0b32
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f92e97280dd837bcb37ceef6c37a62fd88d567e91a4d1575c9211dc5da8e4a
336950ea8418758aac8d05d560c9a644fd6425fbbd73aa5f0c3e46a69f18f452
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4f754f3b002ce8d97ff3863ccf947ad5611c8dfd0fbc67c05346edc18cf1f348
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
66382724ef5808cf25fc0d7bdfdc7ac1b11834116bba7a72c2997d7265fe5d19
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
7a4518a370c4bb7e043e87d24ff76704d7b9e9beeb9cfba85827840fbf9a1352
85a5440b36f1248ec599c3da3c3b972ef43f42106296f34ec2bcf99c325079dd
8a74f72e2cdb622aa8d5e75802013c0f7862decba4e72797c69b1e7bfd17e8c6
8ffb6556df7f3f1918d5e86802171c0d74975dce7cbe9e0cd175cb10a43a778b
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9de1148b962c36cbbc14e48a7885ef184a11df2f10375d9851e30da90259dfcf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
b45036a7fbbb989278a5a25698ec35bf8b215c53811986e5422ca7f7f33d776d
b8d969ed05c3126fbfb485bbca45ad3e4aa9a06c5625c27b3e51faa3cd67483b
bf16e10758391b61cf62ddf2f7655fbfa33f15f6346e178efa057f7f5088610a
c2896e99bae61f50f44000ac75282087e77c0546d45d0ce1f4dbcbc56eaf0456
c85a6409fabbeadc356931dfc993ea5235349af7899d52a1e207f90654acbe17
d0ac0f3fa345ac2736eb26bd641ade1f0041a5ab8bfac014a4c35400db3316fe
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d6954a408293e9a96be0825bf57878d7391b583327f3760b106fd11658ca05d0
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71f80bb851032aadab0b38b259b5f5b38f8ac0afd9dbb6a03ad0f99c5baab87
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0a57625952a9aac15717b7a3e1ea08420e44e7791b5b2b55048cd3d0a2dba7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5