surl.li Open in urlscan Pro
2606:4700:20::681a:513 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://surl.li/kgbpj
Submission: On September 18 via api (September 18th 2023, 8:55:12 pm UTC) from US — Scanned from US

Summary HTTP 139 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 23 domains to perform 139 HTTP transactions. The main IP is 2606:4700:20::681a:513, located in United States and belongs to CLOUDFLARENET, US. The main domain is surl.li. The Cisco Umbrella rank of the primary domain is 551477.
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.

This is the only time surl.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::681a:513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
6 9	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::63	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::6815:1484	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::65	15169 (GOOGLE) (GOOGLE)
5 24	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
10	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 13	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
4 6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:fed2:9795:78c7:da7f	14618 (AMAZON-AES) (AMAZON-AES)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 2	23.197.33.36 23.197.33.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.12.144.229 23.12.144.229	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
139	22

14 2606:4700:20::681a:513 (United States)

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1b::93 (Washington, United States) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::63 (Washington, United States)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:1484 (United States)

ASN13335 (CLOUDFLARENET, US)

web-screen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::65 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4004:c06::9d (Washington, United States) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.111.154 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.239.230 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:fed2:9795:78c7:da7f (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.33.36 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-33-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.12.144.229 (Sterling, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-144-229.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	652 KB
38	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	217 KB
14	surl.li surl.li — Cisco Umbrella Rank: 551477	393 KB
12	gstatic.com t1.gstatic.com www.gstatic.com fonts.gstatic.com	139 KB
11	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	598 B
9	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 11	1 KB
6	yandex.ru 4 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	340 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	22 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 2022	649 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	732 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	877 B
2	web-screen.com web-screen.com	80 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	886 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 11034	641 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	757 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1569	453 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2199	668 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	663 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	464 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	81 KB
139	23

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	surl.li pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	surl.li	surl.li
13	cm.g.doubleclick.net	3 redirects surl.li googleads.g.doubleclick.net
10	www.googleadservices.com	surl.li googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
9	www.google.com	6 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	an.yandex.ru	4 redirects
6	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google-analytics.com	surl.li www.google-analytics.com www.googletagmanager.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects
2	onetag-sys.com	2 redirects
2	match.adsrvr.org	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	web-screen.com	surl.li
1	analytics.pangle-ads.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	trace.mediago.io	1 redirects
1	ums.acuityplatform.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	t1.gstatic.com	surl.li
139	30

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua
facebokvaxkyaktxtqs.terbaru-2023.com
secom.com.ua

Subject Issuer	Validity	Valid
surl.li GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://surl.li/kgbpj
Frame ID: 8C4EDF639B5C1407F1F40698185C6D33
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20190131/zrt_lookup.html
Frame ID: E85BE5A46F839DD7BFCC7256C32CC0DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1695106507&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fkgbpj&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070506998&bpp=14&bdt=290&idt=193&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8110208252247&frm=20&pv=2&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: A030E64EBEAA192B4129BD07E98A272B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1695106507&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070507012&bpp=2&bdt=304&idt=211&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNj8Wos9Rx&p=https%3A//surl.li&dtd=214
Frame ID: 443E4E6E3016B80E5D276B5D344C56A9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AB0DEEF1093C08D21CF8ECD039B1498B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8
Frame ID: 84D038C5D2ABA318382F26B77FF9F6E3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1695068154767~1695068154767&w=1200&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6q73xCcRHJ&p=https%3A//surl.li&dtd=13
Frame ID: 457B9D5E578BDEB07E9E2ABB1972233D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=1&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90%2C1200x90&nras=5&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQijWAwte6&p=https%3A//surl.li&dtd=16
Frame ID: 70A63DC89586F4F27501B6525FD24BAC
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: A5C1278EA235E72AC9198C8FC946FD3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Frame ID: ADB766D5BF8F23F6D6E24BF8CFD211F7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Frame ID: FB36DB10EA9C3FE8FC273B593EB06A43
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7CF6085025AD22EE40669F5882BD81AD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF01EF77BEB4EDCC80E8A13AB6839CA6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B939660FAFA7ECD826195AC5EEC5E6AE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E83342DB255043E32CF7830DD5C9B54E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7D4F5F8CE5A75D1B72C9B6836AA6609A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: AB47E91F09472619933D96B5DA23FB56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: D1B23648DDF770B328B7419DE123FDE4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: E656D29B08ABC814AF6603D9CAE5CC2F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: B962395A8BC3495D2333DF7A6A613F02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9FD4C92558109759B483A1D41FCA459E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1281B5D7D1D8C8EE4CDCCDF327F8655E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: 76A79F8BDFB6EC7B96258E55EC0D0309
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C529BD665C0CC406974CDE08D89475E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8AE942D88F446D39C8A6AFB0CEE2AF13
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Suspected phishing site | Cloudflare

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

139
Requests

87 %
HTTPS

68 %
IPv6

23
Domains

30
Subdomains

22
IPs

4
Countries

1931 kB
Transfer

4747 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/en/vpn?utm_source=surl&utm_medium=menu&utm_campaign=menu_text&utm_content=menu_text
Title: VPN

Search URL Search Domain Scan URL

URL: https://facebokvaxkyaktxtqs.terbaru-2023.com/
Title: 4 Go to site

Search URL Search Domain Scan URL

URL: http://hyperhost.ua/tools/terms/term-en.pdf
Title: The rules of usage

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/hosting
Title: Купити Хостинг

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vps-vds
Title: Купити VPS

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vpn
Title: Купити VPN

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/
Title: Hyperhost.UA

Search URL Search Domain Scan URL

URL: https://secom.com.ua/
Title: Secom.com.ua

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.google.com/s2/favicons?domain=https://facebokvaXKyaktXTQS.terbaru-2023.com/ HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://facebokvaXKyaktXTQS.terbaru-2023.com/&size=16

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 45

https://googleads.g.doubleclick.net/pagead/adview?ai=CMedOK7kIZeWIEbzzvPIPkf2n6A2txbywcZ-Kquq8EQoQASDPyd1vYMmGgIDco8QQoAH_24rIA8gBAagDAcgDywSqBLwBT9B8HFQs8LDTT3IeaukwJMdqIc9itEy6dMD29nphvt2P3Oll_bo-0q_Yrh0a6EMIPY_aeYQR6-zv3X1n8io9Q6BFTftrrv66JgtGvzIZVxat-Nx0ny97JMk3EfiLEFEtlqJjVuEwrt1pUM760axZi3d094WFC0itHJ75Wwi0MO6dDS8meNWB7xwM5LmXxWvlVz-AAC23DkgUIVUxCQd1cXYouSIeESbl8TOZ94GR15SoW011aImmBwmTRIbABO_X9Za7A4gF_76EmCySBQQIBBgBkgUECAUYBIAH0dutogKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDtrSbSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJbWh0dHBzOi8vd3d3LmdyYW1tYXJseS5jb20vYT91dG1fc291cmNlPWdkbiZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249RjImdXRtX2NvbnRlbnQ9Ym1kMjIwMCZ1dG1fcGhhc2U9b3RoZXKACgHICwHaDBEKCxCg57z0_cPP_uwBEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi01MjEzNDA3MTg4NDA2NzkwGAA&sigh=Nfm4HPl1pgI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWPu2EiZ1se8KuDqbc2q_LBK3I5llTdhgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f51d5fba1630000000000000000%22,%224%22:%220xf85270cf9ca2bfde0000000000000000%22,%225%22:%220x659363a9fc11b2220000000000000000%22},%22debug_key%22:%2213816466991886250727%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22956476927%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221779040910938940401%22}&andc=true

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CY66hK7kIZZWFELfPxtYPpv-h6A2txbywcZ-Kquq8EQoQASDPyd1vYMmGgIDco8QQoAH_24rIA8gBAagDAcgDywSqBLkBT9D3oyFjT2DWa8mSTOlh1vJgFX_LEQuzyIe065L2vUEF2fopZer6HO9aWZuHkcNgDh6cGfiqF4D8d1iOK7w7v7r5k5drFsZYhinuwE4tgI06EdjPRCUE681NJIqOVofWws3kRJdzTXfmXPii6fZHZ89nh3RRZbNDlDgWQ1gZWxloFcX6e-NVJz1jzTWi3PJGHq--cML1QIZFizcIRVFPKHFZsTJhzIdp84NKboK8Mykf5O30cpEd9dvABO_X9Za7A4gF_76EmCySBQQIBBgBkgUECAUYBIAH0dutogKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDl8xHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJbWh0dHBzOi8vd3d3LmdyYW1tYXJseS5jb20vYT91dG1fc291cmNlPWdkbiZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249RjImdXRtX2NvbnRlbnQ9Ym1kMjIwMCZ1dG1fcGhhc2U9b3RoZXKACgHICwHaDBAKChDA4oHMr7eZkkcSAgED2BML0BUBgBcBshccChoIABIUcHViLTUyMTM0MDcxODg0MDY3OTAYAA&sigh=4ac9QtjT1ww&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWJsKAJKcCd7Q-LDDChJHl_-Y2xpxktRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f51d5fba1630000000000000000%22,%224%22:%220xf85270cf9ca2bfde0000000000000000%22,%225%22:%220x659363a9fc11b2220000000000000000%22},%22debug_key%22:%2215783991002261095589%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22956476927%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227495893106652391009%22}&andc=true

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://googleads.g.doubleclick.net/pagead/adview?ai=CZI6-K7kIZZaFELfPxtYPpv-h6A3fzO7nct_1uJrxEdrZHhABIM_J3W9gyYaAgNyjxBCgAZyv-6gCyAECqAMByAPJBKoEvgFP0J54e8-lSt9smt_Gq1OAMZ59JwV8JB6wWlzM7iFRaVahIoqIuLW98WSg7_hK6M6c9YAheKdLqMt3DirlF1fSq8dSXDk_ooVFrmCD2xeTqn-R8LddV7GEK70ZeAxYEbU1FEtr9Wx9NlalTT1EZzV8qgUHxAhGhD6wID9cwbuqEqxeVBLtigzAuxFRfErpGFbXWQTbwnxOibsF-rqsn_twBKDAtPaGDzsuFN0YuXUlPI6DVad-19xEV9ULuyrtwAS8ucvpugSIBYC2l7pMkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQu8YJ0ggUCIBhEAEYHzICigI6AoBASL39wTqaCd0BaHR0cHM6Ly93d3cuaGVyby13YXJzLmNvbS8_ZGVsYXllZHNpZ251cD10cnVlJm54X3NvdXJjZT1hZHhfYWR3b3Jkc2Rpc3BsYXkuaHdfd2JfdWNfLS5jYy11cy5nLW0uYS1taXguYXUtaW50Lm9wdC1mcC5jb20tbmV3YWMuY3Itc3RmcmVlZmlnaHQ2LmNuLTMwMF82MDAubHAtZGVsYXllZC5kdC1kaXNwbGF5LmNpZC0yMDUyMzExMzIxNi5hZ2lkLTE1MzIyOTY0NzAzNi5jc2QtMDUwOTIzLi2ACgHICwHaDBEKCxDAwNW7_vi62KwBEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MjEzNDA3MTg4NDA2NzkwGAA&sigh=tMk-PAyR11Q&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWJsKAJKcCd7Q-LDDChJHl_-Y2xpxktRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x101b421cbdccedc0000000000000000%22,%222%22:%220xc2d207cb884a0f780000000000000000%22,%223%22:%220x38d92cc94e4665890000000000000000%22,%224%22:%220xcc5c046c67c9f9ee0000000000000000%22,%225%22:%220xa81a99981095ec60000000000000000%22},%22debug_key%22:%221546863753918220395%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22622778268%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227355469090736247777%22}&andc=true

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHSn_gK2Z6xCSM9ZBuIRH1A&google_cver=1&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz5RtiVgcym6vHsQBlzW2Txc6eg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz5RtiVgcym6vHsQBlzW2Txc6eg

Request Chain 99

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHnQuXFq0y8M2l0a0crxcj4&google_cver=1&google_push=AXcoOmSJcyichQkhqbdoRyp8wBXns7AWP2c3sGbmqVqXhx73Ew4VZziPZBO4XodsuFkTUiAqT2HH_YRS2pSrb-3i_tv64DCZoJtW2A HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHnQuXFq0y8M2l0a0crxcj4&google_cver=1&google_push=AXcoOmSJcyichQkhqbdoRyp8wBXns7AWP2c3sGbmqVqXhx73Ew4VZziPZBO4XodsuFkTUiAqT2HH_YRS2pSrb-3i_tv64DCZoJtW2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjdmZGNjN2YtOWJmMy00OTY5LWIzMzItOWZkNjQ1MDcyYTJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=27fdcc7f-9bf3-4969-b332-9fd645072a2c

Request Chain 100

https://ums.acuityplatform.com/tum?umid=4&uid=CAESELj9IP_x-wsetk_8aP6KPDs&google_cver=1&google_push=AXcoOmSCZplYMRUxYGjR0TXdjZmCoTUuGQViJ05r8bn848xb8Sbe5FG2r7Pupb8d3TyVfnTL9ZriB0LRcdSrTgLqBn-V4kyDz4ggqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=829174808047

Request Chain 101

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMB_k55uhUCPDqaYSgPv_lQ&google_cver=1&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq3v6ejORj6Oyv86HRGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq3v6ejORj6Oyv86HRGA

Request Chain 102

https://an.yandex.ru/mapuid/google/CAESELRrrCLauk9wQa7sH_z_Gl0?ext-param=AXcoOmSrALg8Ss4wtO2d53eY46VaiRlgA7u709spiT4U7CwEOH1UzeGFoHw9KtGmv9_nWQcSa8jpCcDrjDZWGkWOa3M6NRKA_nrqN0Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESELRrrCLauk9wQa7sH_z_Gl0?redir-setuniq=1&ext-param=AXcoOmSrALg8Ss4wtO2d53eY46VaiRlgA7u709spiT4U7CwEOH1UzeGFoHw9KtGmv9_nWQcSa8jpCcDrjDZWGkWOa3M6NRKA_nrqN0Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELRrrCLauk9wQa7sH_z_Gl0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 103

https://trace.mediago.io/cs/google?google_gid=CAESECB6eyNZMOCUPA8DEuP4BXc&google_cver=1&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg6NbHbs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg6NbHbs&google_hm=f7c6061510910f73a107936455978860

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=CF3gBLLkIZdCkO8OdxtYP2vejoAaj7afdcNG-5_WyEZfJ4LSoORABIM_J3W9gyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoEyAFP0F43YbHo8K1PIjrJ4kUn9LlYAVO6wzNaXksZxWsK6O_O5lfShZ5KmAhUOJeqpXpN-KjMerrpfX1B2m7lg1UGOUqleOZflUjnG7-l6ndTccrGogIIyMjteBUx9w1hHMm95Ea9xuOh2vd9S_A3xKTougFE4aDQ7fJywtsHnyo-yY6EA1jiY55awVIFGQUHshdL75sWkahRTE-e13pDqzEbj7_lXtD_huwo-86VyGndMy5mKzJGRALokxFQjPa_Il5StHYQNtaeicAEi_rN_KEEiAXj2pjoSZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAedh46ZAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELHZCNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk4aHR0cHM6Ly9jYXBpdGFsb25lc2hvcHBpbmcuY29tL2pvaW4tY2FwaXRhbC1vbmUtc2hvcHBpbmeACgHICwHaDBAKChDguda8h-Wp_ngSAgED2BMM0BUBgBcBshccChoIABIUcHViLTUyMTM0MDcxODg0MDY3OTAYAA&sigh=n1QjfO15xo8&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwBpAlJWeAkHOvJVOHLLmITQVn56eDtg4akw8u-4W8t7SC_uc4qsaBUk_KDK2hnjWOLOx5mu7n4qlJaZGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6071bf3b322c0190000000000000000%22,%222%22:%220x743de9f8a77492d00000000000000000%22,%223%22:%220xd2a31564cd9946c40000000000000000%22,%224%22:%220x48f08bf282be6b5e0000000000000000%22,%225%22:%220x50a2f5f258ff8a4b0000000000000000%22},%22debug_key%22:%2210632567484106458710%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22752647243%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227911065988077963521%22}&andc=true

Request Chain 120

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 121

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO2RfFiq5SBi4OFzV5KaWUs&google_cver=1&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN3GHB_uzQRd0-fexX4s6bBnfMmeMJvWslW4esEii5zOT3_fI224AsaHuX5Abk_lNY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN3GHB_uzQRd0-fexX4s6bBnfMmeMJvWslW4esEii5zOT3_fI224AsaHuX5Abk_lNY&google_hm=eS1leE9Vb3dsRTJwRVdrZktYX005azlDRF9adnExSENWbn5B

Request Chain 123

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXMOQwqwdNU4L-PmDQgTgs&google_cver=1&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-pKz7Fd_pubfQjy777h2IIZeTn77ySjgjlga76Qw-IaFZ_uF81FVmJKsDkiPVyZY0IFVu2Pe8xZg8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-pKz7Fd_pubfQjy777h2IIZeTn77ySjgjlga76Qw-IaFZ_uF81FVmJKsDkiPVyZY0IFVu2Pe8xZg8

Request Chain 124

https://an.yandex.ru/mapuid/google/CAESEDzTOhVww15LgQ1WbOwQsms?ext-param=AXcoOmShzDNUJupD-ZNu7uzmBtXpiRYjF_mgyIlvPvZtTz19uLF5DnvAI3Gwb7ilbgABHu91pw-VL109w-PkxS2zrev4dSXqeRFJ7eUUxGrCfSj4qsfOHiU_rgVHdfT8FwJQR-YqzpY6Hdd9ahoRPPVMVcZB0a0&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEDzTOhVww15LgQ1WbOwQsms?redir-setuniq=1&ext-param=AXcoOmShzDNUJupD-ZNu7uzmBtXpiRYjF_mgyIlvPvZtTz19uLF5DnvAI3Gwb7ilbgABHu91pw-VL109w-PkxS2zrev4dSXqeRFJ7eUUxGrCfSj4qsfOHiU_rgVHdfT8FwJQR-YqzpY6Hdd9ahoRPPVMVcZB0a0&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDzTOhVww15LgQ1WbOwQsms&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 125

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB6HaJuQUh9bSuxbig5BhbY&google_cver=1&google_push=AXcoOmQ4K9bx4aoTsNhByfnIX48PquVoEC1sKkCMcO15bU7LRIj98k3GLxqRs2oYcucnYFnBypFPNA6mFe-Dg2SFW8S2zoir5tXEx07vICsiEpaT7IzNcRb3vWLMzL2bLqHc3HwpNzb1YbueMAh0Ab8jrYUSaGxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDhmOGQxYTItY2RiYy00ZGI4LWIyNzItZWNmMzE3YTk2Yjc5&google_push=AXcoOmQ4K9bx4aoTsNhByfnIX48PquVoEC1sKkCMcO15bU7LRIj98k3GLxqRs2oYcucnYFnBypFPNA6mFe-Dg2SFW8S2zoir5tXEx07vICsiEpaT7IzNcRb3vWLMzL2bLqHc3HwpNzb1YbueMAh0Ab8jrYUSaGxA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 126

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBsVIPzzUuml7BDGpY0lnpA&google_cver=1&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZcCSMAYKsVg9YIuj5kgcR08y140vDesbFu7MlRdhVVy0ptz1UYpgDq3hiEWtxQnu3A1fPF-w6sl_JAacJ4MK5ScEvyIUvh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZcCSMAYKsVg9YIuj5kgcR08y140vDesbFu7MlRdhVVy0ptz1UYpgDq3hiEWtxQnu3A1fPF-w6sl_JAacJ4MK5ScEvyIUvh

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://googleads.g.doubleclick.net/pagead/adview?ai=CZq5_LLkIZaTMOuTGxtYP6JaKkA39_fC7csrH2ZmGEZCDhZ4LEAEgz8ndb2DJhoCA3KPEEKAB8Zqg0AHIAQKoAwHIA8kEqgS-AU_QdGQ0iSq8AXVZ6nT0bjDOIUDWxF5asq0RRGc7KkY5BpeVuxrqYq0Ut9-vq3G6PyaM6mAHEuYoPnSadrJFUt9_9mY1KRc9RzV4IWxAs24afR-zLTUbvDmuHFonqwd10FgfJtdI7yoA0Kc9fif3fHh6Y-OPiqBPcsbeACk_zRTlEuzqOWGgeyAqfRUilFAaRbN6P805kzmD6XXSKX_LfAWWbYsd8CzMG-FbfrvUxFefmv8JNGSFxdz3F2DjcdLABMvQqr-9BIgF_uiX5UuSBQQIBBgBkgUECAUYBKAGAoAH9-TfrwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDWwATSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJIGh0dHBzOi8vZG93bmxvYWQud2F2ZWJyb3dzZXIuY28vgAoByAsB2gwQCgoQ8NiTuczKj6IoEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi01MjEzNDA3MTg4NDA2NzkwGAA&sigh=ntyHWdkLBZI&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWaHa_hwVYyrWD4glQYq8I_rohDaPymEDMpZC21LD2ojqhPiOa2hGlz4YAkt0Nk36iwLNydmA0GAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x73baac22dc8ca0390000000000000000%22,%222%22:%220x28d9dbbfacc661270000000000000000%22,%223%22:%220x7fb6e3f27cb409420000000000000000%22,%224%22:%220x16ae08d427a1523c0000000000000000%22,%225%22:%220xebad135802807e920000000000000000%22},%22debug_key%22:%227409274777057144900%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22436735345%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210613960581746200225%22}&andc=true

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request kgbpj Show response
surl.li/ 13 KB
4 KB 503ms
427ms Document
text/html 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

d05e5cda107802c22eba6c2c30b962a2cd9d9066a350f0286607badfae2b7a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 808c7ce85f6509e6-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqg%2BnJgvgcpNa7JUjh9W4MMbdw7L27qNi6vQ2LJaJH2XFOjTpDN2z1Sxwxo4hdKrmGScdEm1bL4OVr22Rc7Cv%2FkfFyceMwKbo0nna2wEY8nmMXHUbPy4e6IjHoAsj27Uu%2FgZ%2BCc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.3

GET
H2 200 app.css
surl.li/css/ 157 KB
27 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/css/app.css

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8e62a177cc410209e651ae35eb303b9979c6e52a894885ff1aa5769a413ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2041
content-encoding: br
last-modified: Fri, 26 May 2023 09:44:27 GMT
server: cloudflare
etag: W/"64707f7b-2758b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ6SA6FUCUSqewgct%2FfFt0kO6vEfOaIUAP%2F7%2F8LEqYr7iIdqyhLwCg8lOKoytfSBRrcS3lKDWB8s6SO9BGZY8W%2FjRh6pKB2UIIJvOtJWb%2FVfE90uuT4rb%2BHGD%2BW3niD%2Ftjbp2YE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b5c09e6-MIA
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 192ms
86ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c69cbb7b2910649091ab1b8e8ed853e161ce1c6e326f15e82fc5c154ff16f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51014
x-xss-protection: 0
server: cafe
etag: 14699426338610332823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:06 GMT

GET
H2 200 surli-logo.svg
surl.li/img/ 9 KB
4 KB 69ms
67ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/surli-logo.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2115
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-233d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THaQhKfmJe0F445Emyk6XpDcQgbNr23OgRoqy5rviM4h5WvVqGzp%2FIzEyiphBdUyJ51ZWhda4LusSNdodW9cN%2BULdRxEV77zkw7q%2FPNhF%2FGFlvGNkFcNgLvVqGAc1QmARgrWEp8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6609e6-MIA
access-control-allow-headers: *

GET
H2

404

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://facebokvaXKyaktXTQS.terbaru-2023.com/
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://facebokvaXKyaktXTQS.terbaru-2023.com/&size=16

726 B
917 B

171ms
65ms

Image
image/png

2607:f8b0:4004:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://facebokvaXKyaktXTQS.terbaru-2023.com/&size=16

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Mon, 18 Sep 2023 20:55:06 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://facebokvaXKyaktXTQS.terbaru-2023.com/&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Mon, 18 Sep 2023 21:25:06 GMT

GET
H2 200 plug.jpg
web-screen.com/img/ 13 KB
14 KB 116ms
37ms Image
image/jpeg 2606:4700:3032::6815:1484
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/img/plug.jpg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1484 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2199
alt-svc: h3=":443"; ma=86400
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
server: cloudflare
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plaMdQGCH%2FJh5VOYaroRZDuR7U2FBrLo9IFzpjS9JdKKWHr3dQxjzmpLFG4Uivs1B9gHBupeDpNPny0Uc16h0eorXjzChO31Se2fW5X0bEhCgn2YkOT961RwtYHup5qMvxNIFdFyomiGC2RZaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 808c7ceb8a3fda2f-MIA

GET
H2 200 pc-rouded-icon.svg
surl.li/img/ 20 KB
15 KB 37ms
36ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/pc-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2115
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-4f3e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHGpGSSMH8LP6CsJABxlKZG9PVV4AE7ivmOd12BcMbJcaG21qvIbuR3%2FyMk0u%2FI7oTp1Vv5lERTjk%2FGUxyeCbtyojkPdES%2BPcmgkpN58w8Rpx480vSg%2BspnmvKDmLBJQqQbL2co%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6809e6-MIA
access-control-allow-headers: *

GET
H2 200 gears-rouded-icon.svg
surl.li/img/ 4 KB
1 KB 67ms
66ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/gears-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2115
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-e1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfMTMJHYkoszgSQTikaito%2FPONHeGIs8vE6b0%2BwL3rcztYFJ9%2F1U2ikAen7HCSSD%2BKz3gRa9k7vzhRaAd1wY6gLUO1BFf7AGlpOPNGQ1jm%2FnbhV4ZafZ4fyQjK1dcNuzF6OFTs4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6909e6-MIA
access-control-allow-headers: *

GET
H2 200 planet-rouded-icon.svg
surl.li/img/ 5 KB
3 KB 38ms
37ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/planet-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2115
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-1574"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFmQdmGIYvesY3SHGcawkIMolb3lzTsYRvFlWHifUb6tV%2FlhnZTsvFe%2FWgwxaJzEY3YtT44qP3H3taJQxjP%2F0u7PSEKmhdVBihvjFeckrcETV9tdv9F3SCFuKQtWO53l0ss7KyQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6c09e6-MIA
access-control-allow-headers: *

GET
H2 200 mastercard.svg
surl.li/img/ 9 KB
4 KB 39ms
38ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/mastercard.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2114
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-2394"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyJWlBA%2Fw1hH0sg9745v%2B9qRaTLMuSR4CKAqiKyDsD0%2FvbCpjUeamXzvJnaqNHjxM3hKNcXUmfALHDMGOQVHHIPm0yBnhQAXcTVcOyXRJRW5xdC3oUzVV%2Bae8vTp4SYqUcvzAL8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6e09e6-MIA
access-control-allow-headers: *

GET
H2 200 visa.svg
surl.li/img/ 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/visa.svg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2115
content-encoding: br
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: W/"64a2d1d5-76a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NxvaP1togWnYmkb1%2B%2BB8E276dNQjW7tlKNFDHajvKNH3JXUKm9qniRJEgM3owzMCM1TXW7YFsrfoxq%2FXZSYnYsNaymedo%2BtQPF5%2BYwjhGZeHkRDA7GCdpONQ6zX3tCGTiil2Rc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6f09e6-MIA
access-control-allow-headers: *

GET
H2 200 email-decode.min.js Show response
surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 32ms
29ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6500883e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38VA7dd3SLzy7xhzMk5SclbMOd%2B1PE35nF8D7ZnIMk7vG%2B3SEgZxKYLWTu2GfyG5hhXXto%2BW0bQjsikp4tE3N%2FjJwDQWfuqUAH7dQULHMzE7d6J7ty%2BOAI3NPlXzz%2BfdqIJD%2BHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 808c7ceb0b6209e6-MIA
expires: Wed, 20 Sep 2023 20:55:06 GMT

GET
H2 200 app.js Show response
surl.li/js/ 182 KB
58 KB 68ms
65ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/app.js

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b8fcebb61ea4d696e03b5cb3c8e8c9e61df67c8867a7842b79f97298f054e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2041
content-encoding: br
last-modified: Fri, 26 May 2023 09:44:27 GMT
server: cloudflare
etag: W/"64707f7b-2d6b6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcubRffDryDN9sHwKXkEexQLxNbgYdPbHLsUY9KT4dj%2BPccnSMBT9oiBum0Pw8yXsn0UDF4rShSXg%2BuikuLDg43JDLRCEDAOY1m3bMJYe5IiukTS3dGNsQdUZFAnh9nL5wH2dF4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6309e6-MIA
access-control-allow-headers: *

GET
H2 200 preview.js Show response
surl.li/js/ 88 KB
32 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/preview.js

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/kgbpj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2041
content-encoding: br
last-modified: Fri, 06 Jan 2023 14:56:57 GMT
server: cloudflare
etag: W/"63b836b9-15ff1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrMnTNLkL43th9GuMhnfERvRhzmcQ72MwpWX3p%2BbRi1lTOrSfFpAP5arrdgXOp%2Bym9PRhMCrU4yX3YnGFZx28EBBZWx0DFdR1C0%2ByLJmWS9htwNOV1ugiRfJ3aW5AKipAI11OSs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 808c7ceb0b6509e6-MIA
access-control-allow-headers: *

GET
H2 200 Roboto-Regular.ttf
surl.li/fonts/roboto/ 127 KB
127 KB 45ms
45ms Font
application/octet-stream 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/roboto/Roboto-Regular.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1299
content-length: 129584
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: "64a2d1d5-1fa30"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBgVTmoCBVf8aW7ThOQWslq%2BZqDQmPht9oAQRvYlaDgwlYvAtbnt7E5u2roANvLELcP%2BEzNi%2Ffq4uAHps2rJYTtf4SJ8ZfM5sEg50%2BftdlrTl5mZuaqH44mU02jMwpUNaqNf8H4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 808c7ceb5bf009e6-MIA
access-control-allow-headers: *

GET
H2 200 Rubik-Medium.ttf
surl.li/fonts/rubik/ 113 KB
114 KB 40ms
40ms Font
application/octet-stream 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/rubik/Rubik-Medium.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1299
content-length: 116056
last-modified: Mon, 03 Jul 2023 13:49:09 GMT
server: cloudflare
etag: "64a2d1d5-1c558"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FAA6AXQwNF%2F02ornv00iX1LkZMrjupaxsU4gbRtmHjAY2AVkDBINrlBxkw%2F2ZtaMV2O%2BVQ9wNzRvHjbb2FcCtziRV%2BXoQtZLz6BfV6hZ2tnyEukBDZYrnIk6ppenHyVhU%2BBDgg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 808c7ceb5bf609e6-MIA
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 159ms
53ms Script
text/javascript 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::65 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Sep 2023 20:11:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2632
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Sep 2023 22:11:14 GMT

POST
H2 200 getPreview Show response
surl.li/ 100 B
1 KB 552ms
551ms XHR
application/json 2606:4700:20::681a:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getPreview

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:513 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.3

Resource Hash

681829d59c6c53557ea53b3b304958db58fba8787e5fc6ecc2ccdba52d052021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/kgbpj
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: QdHA4sbeOMTciElii4M4JJmSPE7tV5BAuFSy3krM
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/8.2.3
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xfODDyxZTvoLUcLLuuOcH7qgWalUmBeE4TinQTvHrgaP8uryCZnIiQin7lcxGpPhbndUXW845MmqZT8wzcvYrrLZSzHYSX7g4mijETbnUzSmcG%2BD4uRXH7uxk9A7Wlc5yq9Qxk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 808c7cebfcdd09e6-MIA
access-control-allow-headers: *

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 380 KB
129 KB 89ms
88ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db9a580bbc3dd8b41c30a671ffc461d004a8b910205f67a46904fb5bbbad43f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131870
x-xss-protection: 0
server: cafe
etag: 3130839717658801059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230914/r20190131/ Frame E85B 10 KB
5 KB 160ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 15:45:19 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 15:45:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 384ms
383ms Script
text/javascript 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::65 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:19:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Sep 2023 21:19:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
598 B 168ms
62ms Script
text/javascript 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=surl.li&callback=_gfp_s_&client=ca-pub-5213407188406790

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87c3f17ae390bc0d1f92a9c65a38fc8ae6b8328571a822c783ae5c26da681c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A030 426 KB
78 KB 1595ms
1594ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1695106507&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fkgbpj&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070506998&bpp=14&bdt=290&idt=193&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8110208252247&frm=20&pv=2&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0977e7b8a4ec14c6a6ee9abab21e0798e10f07dba63fa49a4f1ceca418fddaba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 79984
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:08 GMT
expires: Mon, 18 Sep 2023 20:55:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 443E 118 KB
41 KB 1267ms
1266ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1695106507&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070507012&bpp=2&bdt=304&idt=211&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNj8Wos9Rx&p=https%3A//surl.li&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d0e77b5801f00acb914de3f5ff28b5b9f309afeeb33f0b6fc7ce17691515b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:08 GMT
expires: Mon, 18 Sep 2023 20:55:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 28b459bd-33aa-404c-8b7b-b79d45c2d327.png
web-screen.com/storage/screenshots/2023/08/ 66 KB
66 KB 287ms
286ms Image
image/png 2606:4700:3032::6815:1484
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/storage/screenshots/2023/08/28b459bd-33aa-404c-8b7b-b79d45c2d327.png

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1484 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24556bc3b8316b2183f9dcd2ad778b8ecacdea2af535527a7c40e591bbbf62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 67521
last-modified: Sat, 19 Aug 2023 18:30:22 GMT
server: cloudflare
etag: "64e10a3e-107c1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qefwg9kU%2B7Ai%2FTMioiDoeoiwehqrMepCl6jpEnda33FBQ7Hk56%2FrWJ0SDBCbZ4EQ%2FeppZoRAsX9HjitXfphPbngy%2BxMO6NuPONWQbN8u33mFLjkkOZX%2BYkQpSRxiRXMBkZmtoZ8G9EACIL2TZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 808c7cef6893da2f-MIA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 61ms
60ms XHR
text/plain 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1769107062&t=pageview&_s=1&dl=https%3A%2F%2Fsurl.li%2Fkgbpj&ul=en-us&de=UTF-8&dt=Suspected%20phishing%20site%20%7C%20Cloudflare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhAAAAACAAI~&jid=915389551&gjid=1124541624&cid=1980089820.1695070507&tid=UA-18721904-9&_gid=607082006.1695070507&_slc=1&z=320485993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::65 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 166ms
60ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18721904-9&cid=1980089820.1695070507&jid=915389551&gjid=1124541624&_gid=607082006.1695070507&_u=KGBAgEIhAAAAAGAAI~&z=1364321097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Sep 2023 20:55:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 176ms
69ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3920378b0f97a81cd0f910c88427a7148356ac1bd040d2f3be27fdc4ac5328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 20:55:07 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 60ms
60ms Ping
text/plain 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BVLF49G8NB&gtm=45je39d0&_p=1769107062&ul=en-us&sr=1600x1200&cid=1980089820.1695070507&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsurl.li%2Fkgbpj&dt=Suspected%20phishing%20site%20%7C%20Cloudflare&sid=1695070507&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 443E 9 KB
4 KB 161ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1695106507&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070507012&bpp=2&bdt=304&idt=211&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNj8Wos9Rx&p=https%3A//surl.li&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:27:20 GMT

GET
H2 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame 443E 11 KB
5 KB 163ms
55ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 00:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 443E 15 KB
2 KB 176ms
69ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 20:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:37:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 20:55:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 443E 23 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 443E 3 KB
1 KB 74ms
73ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 443E 20 KB
8 KB 160ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 443E 182 KB
57 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:08 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 443E 36 KB
15 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 22:13:16 GMT

GET
H2 200 15173678459868135885
tpc.googlesyndication.com/simgad/ Frame 443E 3 KB
3 KB 69ms
69ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15173678459868135885?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3532c989163498f203503c71bb9597bc487ae518d623f3f4731371e9394f96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:42:17 GMT
x-content-type-options: nosniff
age: 367971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3082
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 22:28:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 14:42:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 443E 33 KB
34 KB 158ms
54ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:06:19 GMT
x-content-type-options: nosniff
age: 355729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:06:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB0D 143 B
166 B 54ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1695106507&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070507012&bpp=2&bdt=304&idt=211&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jNj8Wos9Rx&p=https%3A//surl.li&dtd=214
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:03:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 443E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df57d177a571338e2897cd5766f33eee772a47d2cb8f90752f464a055dd8d0fe

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB0D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
61ms

Document
text/html

2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:08 GMT
expires: Mon, 18 Sep 2023 20:55:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 154 KB
52 KB 76ms
76ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a19b8fffe189a8060387a4349b7abc28d374ced9c696d0f05aefd263488a7aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53702
x-xss-protection: 0
server: cafe
etag: 13726796866913856930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:08 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84D0 98 KB
39 KB 657ms
656ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af14a4d0c4902766bdb19b2b697134dd12cf7228d489b172f3f2404363b2d031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39603
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 457B 436 B
238 B 346ms
345ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1695068154767~1695068154767&w=1200&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90&nras=4&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6q73xCcRHJ&p=https%3A//surl.li&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3c2b711909fc420d52bd7965b1cd7bdbdd60b2e26c17cadaaa80c55e53df77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70A6 97 KB
38 KB 416ms
415ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=1&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90%2C1200x90&nras=5&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQijWAwte6&p=https%3A//surl.li&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c99b17873d36a90d4a3488c24950d2407b230e97f4d9dbfc38f47d7f6ba0f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 443E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMedOK7kIZeWIEbzzvPIPkf2n6A2txbywcZ-Kquq8EQoQASDPyd1vYMmGgIDco8QQoAH_24rIA8gBAagDAcgDywSqBLwBT9B8HFQs8LDTT3IeaukwJMdqIc9itEy6dMD29nphvt2P3Oll_bo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f...

0
0

161ms
58ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f51d5fba1630000000000000000%22,%224%22:%220xf85270cf9ca2bfde0000000000000000%22,%225%22:%220x659363a9fc11b2220000000000000000%22},%22debug_key%22:%2213816466991886250727%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22956476927%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221779040910938940401%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd080d0b744da31100000000000000000","2":"0xc599a615165ec8f00000000000000000","3":"0x72311f51d5fba1630000000000000000","4":"0xf85270cf9ca2bfde0000000000000000","5":"0x659363a9fc11b2220000000000000000"},"debug_key":"13816466991886250727","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["956476927"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"1779040910938940401"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 20:55:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Sep 2023 20:55:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd080d0b744da31100000000000000000","2":"0xc599a615165ec8f00000000000000000","3":"0x72311f51d5fba1630000000000000000","4":"0xf85270cf9ca2bfde0000000000000000","5":"0x659363a9fc11b2220000000000000000"},"debug_key":"13816466991886250727","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["956476927"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"1779040910938940401"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame A5C1 38 KB
14 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 165ms
59ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/ Frame ADB7 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 19:38:04 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 19:38:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/ Frame FB36 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 19:38:04 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 19:38:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/ Frame 7CF6 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 19:38:04 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 19:38:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame ADB7 9 KB
4 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:27:20 GMT

GET
H3 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame ADB7 11 KB
5 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 00:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ADB7 15 KB
1 KB 70ms
67ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 19:17:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame ADB7 23 KB
9 KB 54ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame ADB7 3 KB
1 KB 66ms
64ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame ADB7 20 KB
8 KB 59ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADB7 182 KB
57 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame ADB7 36 KB
15 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 22:13:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame FB36 23 KB
9 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF01 143 B
166 B 53ms
52ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:03:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame FB36 3 KB
1 KB 58ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame FB36 20 KB
8 KB 58ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H2 200 5987351992445053808
tpc.googlesyndication.com/daca_images/simgad/ Frame FB36 109 KB
109 KB 63ms
62ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5987351992445053808

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

285b4f7a68667690efaff375a8e6db0b32529703944886d3e5a6faa4755594ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:50:59 GMT
x-content-type-options: nosniff
age: 371050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111276
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 16:49:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 13:50:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB36 182 KB
57 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame FB36 35 KB
14 KB 140ms
139ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:34:59 GMT

GET
H3 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 7CF6 9 KB
4 KB 57ms
57ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:27:20 GMT

GET
H3 200 eb24e5338fb35f0e823aa45ca63cea7d.js Show response
www.gstatic.com/mysidia/ Frame 7CF6 11 KB
5 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 00:15:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7CF6 15 KB
1 KB 68ms
66ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 19:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 7CF6 23 KB
9 KB 138ms
136ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7CF6 3 KB
1 KB 141ms
139ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7CF6 20 KB
8 KB 135ms
134ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CF6 182 KB
57 KB 77ms
76ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 7CF6 36 KB
15 KB 58ms
58ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 22:13:16 GMT

GET
H2 200 4881345053204007294
tpc.googlesyndication.com/simgad/ Frame ADB7 1 KB
1 KB 97ms
94ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4881345053204007294?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 10:29:46 GMT
x-content-type-options: nosniff
age: 383123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1190
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 20:20:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 10:29:46 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame ADB7 33 KB
33 KB 54ms
52ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:06:19 GMT
x-content-type-options: nosniff
age: 355730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:06:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B939 143 B
166 B 53ms
52ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:03:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ADB7 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb6f8f754d0eecf5da0ae253bffb7904da2e14d1d67a0e464238214136ee846

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF01
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 15039336994393159170
tpc.googlesyndication.com/daca_images/simgad/ Frame 70A6 14 KB
14 KB 52ms
52ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15039336994393159170

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=1&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90%2C1200x90&nras=5&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQijWAwte6&p=https%3A//surl.li&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faaccd249dd75ba8a6d1c7b79883859fae1f37fa2a449cd36e84653a5fc0824d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:51:24 GMT
x-content-type-options: nosniff
age: 371025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14563
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 06:04:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 13:51:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E833 143 B
166 B 53ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:03:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ADB7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CY66hK7kIZZWFELfPxtYPpv-h6A2txbywcZ-Kquq8EQoQASDPyd1vYMmGgIDco8QQoAH_24rIA8gBAagDAcgDywSqBLkBT9D3oyFjT2DWa8mSTOlh1vJgFX_LEQuzyIe065L2vUEF2fopZer...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f...

0
0

60ms
59ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f51d5fba1630000000000000000%22,%224%22:%220xf85270cf9ca2bfde0000000000000000%22,%225%22:%220x659363a9fc11b2220000000000000000%22},%22debug_key%22:%2215783991002261095589%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22956476927%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227495893106652391009%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd080d0b744da31100000000000000000","2":"0xc599a615165ec8f00000000000000000","3":"0x72311f51d5fba1630000000000000000","4":"0xf85270cf9ca2bfde0000000000000000","5":"0x659363a9fc11b2220000000000000000"},"debug_key":"15783991002261095589","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["956476927"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7495893106652391009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 20:55:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd080d0b744da31100000000000000000","2":"0xc599a615165ec8f00000000000000000","3":"0x72311f51d5fba1630000000000000000","4":"0xf85270cf9ca2bfde0000000000000000","5":"0x659363a9fc11b2220000000000000000"},"debug_key":"15783991002261095589","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["956476927"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7495893106652391009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 70A6 23 KB
9 KB 67ms
66ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 70A6 3 KB
1 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7D4F 1 KB
643 B 54ms
53ms Document
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 40511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 09:39:58 GMT
etag: 48472445140208031
expires: Tue, 19 Sep 2023 09:39:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 70A6 20 KB
8 KB 57ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 70A6 0
0 66ms
65ms Image
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgjKCSRzDBo1Fbb8hkPDosatuGOeR9vN64u46oOZ81_Cztp0oRodI52H0anXdCCgHvUuJq8n2J1QJ_1gbeVTzEqVsJow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=2931138512&pi=t.aa~a.1280659939~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=1&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280%2C1140x90%2C1200x90&nras=5&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lQijWAwte6&p=https%3A//surl.li&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70A6 182 KB
57 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 70A6 35 KB
14 KB 73ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:34:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B939
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame AB47 38 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

GET
DATA 200
OK truncated
/ Frame FB36 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e11b3fceb47d6c7447ed869a28f7a383ee5ad62cae4ece1b6e435a523c76ae9d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame D1B2 38 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FB36
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZI6-K7kIZZaFELfPxtYPpv-h6A3fzO7nct_1uJrxEdrZHhABIM_J3W9gyYaAgNyjxBCgAZyv-6gCyAECqAMByAPJBKoEvgFP0J54e8-lSt9smt_Gq1OAMZ59JwV8JB6wWlzM7iFRaVahIoq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x101b421cbdccedc0000000000000000%22,%222%22:%220xc2d207cb884a0f780000000000000000%22,%223%22:%220x38d92cc...

0
0

59ms
59ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x101b421cbdccedc0000000000000000%22,%222%22:%220xc2d207cb884a0f780000000000000000%22,%223%22:%220x38d92cc94e4665890000000000000000%22,%224%22:%220xcc5c046c67c9f9ee0000000000000000%22,%225%22:%220xa81a99981095ec60000000000000000%22},%22debug_key%22:%221546863753918220395%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22622778268%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227355469090736247777%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x101b421cbdccedc0000000000000000","2":"0xc2d207cb884a0f780000000000000000","3":"0x38d92cc94e4665890000000000000000","4":"0xcc5c046c67c9f9ee0000000000000000","5":"0xa81a99981095ec60000000000000000"},"debug_key":"1546863753918220395","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["622778268"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7355469090736247777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 20:55:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x101b421cbdccedc0000000000000000","2":"0xc2d207cb884a0f780000000000000000","3":"0x38d92cc94e4665890000000000000000","4":"0xcc5c046c67c9f9ee0000000000000000","5":"0xa81a99981095ec60000000000000000"},"debug_key":"1546863753918220395","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["622778268"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7355469090736247777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E833
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
58ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd080d0b744da31100000000000000000%22,%222%22:%220xc599a615165ec8f00000000000000000%22,%223%22:%220x72311f51d5fba1630000000000000000%22,%224%22:%220xf85270cf9ca2bfde0000000000000000%22,%225%22:%220x659363a9fc11b2220000000000000000%22},%22debug_key%22:%2215783991002261095589%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22956476927%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227495893106652391009%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame E656 38 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7D4F 35 B
464 B 444ms
147ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGud6_Uj3zmgceRNjx7TW0&google_cver=1&google_push=AXcoOmTmX21UnhPLXESddtc3bywZh2UF7_55ARJeHEnTpoz2M5tqxQkFLlKpE3iTdyFYKge5OhgRO58FZGKhglWHGvn3KZHyOC0YxQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D4F
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHSn_gK2Z6xCSM9ZBuIRH1A&google_cver=1&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz5RtiVgcym6vHsQBlzW2Txc6eg

170 B
232 B

65ms
62ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz5RtiVgcym6vHsQBlzW2Txc6eg

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 74B1D3953CB14551982C14A8B61A5C39 Ref B: MIAEDGE2317 Ref C: 2023-09-18T20:55:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT6juv2UnGcOqHpyQBzyqpkBnRpli60T7zTrWpmpqH94QGNa6caiDHP4cZ_vmEsCp98zCLaz5RtiVgcym6vHsQBlzW2Txc6eg
x-li-source-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFqFuX+gAiRvhy3aOSIA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D4F
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHnQuXFq0y8M2l0a0crxcj4&google_cver=1&google_push=AXcoOmSJcyichQkhqbdoRyp8wBXns7AWP2c3sGbmqVqXhx73Ew4VZziPZBO4XodsuFkTUiAqT2HH_YRS2pSrb-3i_t...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHnQuXFq0y8M2l0a0crxcj4&google_cver=1&google_push=AXcoOmSJcyichQkhqbdoRyp8wBXns7AWP2c3sGbmqVqXhx73Ew4VZziPZBO4XodsuFkTUiAqT2HH_YRS2pSrb-3i_t...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjdmZGNjN2YtOWJmMy00OTY5LWIzMzItOWZkNjQ1MDcyYTJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=27fdcc7f-9bf3-4969-b332-9fd645072a2c

170 B
232 B

63ms
63ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjdmZGNjN2YtOWJmMy00OTY5LWIzMzItOWZkNjQ1MDcyYTJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=27fdcc7f-9bf3-4969-b332-9fd645072a2c

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjdmZGNjN2YtOWJmMy00OTY5LWIzMzItOWZkNjQ1MDcyYTJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=27fdcc7f-9bf3-4969-b332-9fd645072a2c
date: Mon, 18 Sep 2023 20:55:09 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D4F
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESELj9IP_x-wsetk_8aP6KPDs&google_cver=1&google_push=AXcoOmSCZplYMRUxYGjR0TXdjZmCoTUuGQViJ05r8bn848xb8Sbe5FG2r7Pupb8d3TyVfnTL9ZriB0LRcdSrTgLqBn-V4kyDz...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=829174808047

170 B
329 B

63ms
61ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=829174808047

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=829174808047
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D4F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMB_k55uhUCPDqaYSgPv_lQ&google_cver=1&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq3v6ejORj6Oyv86HRGA

170 B
232 B

66ms
63ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq3v6ejORj6Oyv86HRGA

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQAeQiuWzLA9VWPZ5_5cgLZZPOO_pUzQLlmmq1oYXtQW1l2Z3oOjCtA29sN_Bv-yHvOIwu2QRs8Avsq3v6ejORj6Oyv86HRGA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7D4F
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESELRrrCLauk9wQa7sH_z_Gl0?ext-param=AXcoOmSrALg8Ss4wtO2d53eY46VaiRlgA7u709spiT4U7CwEOH1UzeGFoHw9KtGmv9_nWQcSa8jpCcDrjDZWGkWOa3M6NRKA_nrqN0Q&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESELRrrCLauk9wQa7sH_z_Gl0?redir-setuniq=1&ext-param=AXcoOmSrALg8Ss4wtO2d53eY46VaiRlgA7u709spiT4U7CwEOH1UzeGFoHw9KtGmv9_nWQcSa8jpCcDrjDZWGkWOa3M6NRKA_nrqN0Q&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELRrrCLauk9wQa7sH_z_Gl0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

190ms
189ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 Sep 2024 20:55:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D4F
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESECB6eyNZMOCUPA8DEuP4BXc&google_cver=1&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg6NbHbs&google_hm=f7c60615109...

170 B
232 B

65ms
62ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg6NbHbs&google_hm=f7c6061510910f73a107936455978860

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmS96nmN_LrmT4yXYKX8liidTPHcT5A9ZVBf0l7lnU3mp-GtXA-tHHyktwAdMicrBixBBHDznWd5KSTelzHxK9GIwfUNg6NbHbs&google_hm=f7c6061510910f73a107936455978860
date: Mon, 18 Sep 2023 20:55:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7D4F 0
130 B 171ms
59ms Image
text/html 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-bx5U4ae5S-L3fFKbRq9GJURLWE4WcuptksUN-PSRyObVAeZu_ND5jSIQEefT-zxO2sIApp8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 70A6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c3185e5b99383ec16a0788512f44bf419a12ad9df6e9bd0971d4a526b4801a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 70A6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CF3gBLLkIZdCkO8OdxtYP2vejoAaj7afdcNG-5_WyEZfJ4LSoORABIM_J3W9gyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoEyAFP0F43YbHo8K1PIjrJ4kUn9LlYAVO6wzNaXksZxWsK6O_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6071bf3b322c0190000000000000000%22,%222%22:%220x743de9f8a77492d00000000000000000%22,%223%22:%220xd2a315...

0
0

60ms
60ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6071bf3b322c0190000000000000000%22,%222%22:%220x743de9f8a77492d00000000000000000%22,%223%22:%220xd2a31564cd9946c40000000000000000%22,%224%22:%220x48f08bf282be6b5e0000000000000000%22,%225%22:%220x50a2f5f258ff8a4b0000000000000000%22},%22debug_key%22:%2210632567484106458710%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22752647243%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227911065988077963521%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/kgbpj

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa6071bf3b322c0190000000000000000","2":"0x743de9f8a77492d00000000000000000","3":"0xd2a31564cd9946c40000000000000000","4":"0x48f08bf282be6b5e0000000000000000","5":"0x50a2f5f258ff8a4b0000000000000000"},"debug_key":"10632567484106458710","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["752647243"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7911065988077963521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 20:55:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa6071bf3b322c0190000000000000000","2":"0x743de9f8a77492d00000000000000000","3":"0xd2a31564cd9946c40000000000000000","4":"0x48f08bf282be6b5e0000000000000000","5":"0x50a2f5f258ff8a4b0000000000000000"},"debug_key":"10632567484106458710","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["752647243"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"7911065988077963521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 609139330589413146
tpc.googlesyndication.com/simgad/ Frame 84D0 14 KB
14 KB 55ms
54ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/609139330589413146?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlvCh2xw9NSPTs8gwpRwUB2IiGOrQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f3281976a5f3c16251ecaf342705954072e6ce5eb8db11bc638d4e4798453d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 23:04:33 GMT
x-content-type-options: nosniff
age: 78636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14062
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 19:47:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 16 Sep 2024 23:04:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 84D0 23 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:06:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 84D0 3 KB
1 KB 66ms
65ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 01:42:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 84D0 20 KB
8 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 13:09:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84D0 0
0 67ms
66ms Image
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSadm5Qp6CkxZXjFEwSKSc6qqRKPsjic2s-Sl2wD9o3EQ7RxHs69McVtlRJspH8LzvW33BruLu6D-8-DPjuley6ZCGKIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84D0 182 KB
57 KB 57ms
55ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 84D0 35 KB
14 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 22:34:59 GMT

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame B962 38 KB
14 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FD4 143 B
166 B 55ms
53ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:03:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1281 1 KB
643 B 55ms
54ms Document
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 40511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 09:39:58 GMT
etag: 48472445140208031
expires: Tue, 19 Sep 2023 09:39:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 84D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f747a908d4935ddc3ca399e9ed99e6f7170b5eccf3bc66ad028dfa86331876ac

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1281
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ...

43 B
449 B

110ms
109ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 808c7cff8fb7224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 19
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBkIHUFUDgpKZwWLMspWTxU&google_cver=1&google_push=AXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdajKyv5Yn-GCrT0-q_Bg5Cll7NbkyA_gia9CaThYYkY59jX7b8oD-KOKgJ9whGMFlFmqyhn97SYTKLZyAQ1ngHKBmBLQ_Z5YA2WpCpHhOkOjfWisTo-xW4hej3jNEvO2EsOIlioQeKAI3Fw7fKjSNtQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 808c7cfeded0224b-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1281
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO2RfFiq5SBi4OFzV5KaWUs&google_cver=1&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN3GHB_uzQRd0-fexX4s6bBnfMmeMJvWslW4esEi...

170 B
188 B

61ms
61ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN3GHB_uzQRd0-fexX4s6bBnfMmeMJvWslW4esEii5zOT3_fI224AsaHuX5Abk_lNY&google_hm=eS1leE9Vb3dsRTJwRVdrZktYX005azlDRF9adnExSENWbn5B

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 20:55:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSS1EOQsbYTnXeCkQ77m57aygBzbyQPvv-Jbo5k-yKDvbLMvb9m8a1xYlybzK80Ec04Kss6TC1BEu-3gji3-RnALoN3GHB_uzQRd0-fexX4s6bBnfMmeMJvWslW4esEii5zOT3_fI224AsaHuX5Abk_lNY&google_hm=eS1leE9Vb3dsRTJwRVdrZktYX005azlDRF9adnExSENWbn5B
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 1281 43 B
641 B 586ms
194ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESECHIJnRtCIBOUfELTSOfv8M&google_cver=1&google_push=AXcoOmTpkSYDNbs2CichF1zw4DhxyVAqo5nOVWkJREGdR6WPtYBM-jrl6uQdI7h_9cER72LB4m2MdeN6EXiznoPV1UGyybt2LlVYCsLMZBGlG_jreABbwgJPqBGIIt_5hf0I6JtwVzaEoiSEuWvfbl8COyH9HeE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 20:55:10 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1281
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBXMOQwqwdNU4L-PmDQgTgs&google_cver=1&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-p...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-pKz7Fd_pubfQjy777h2IIZeTn77ySjgjlga76...

170 B
188 B

67ms
66ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-pKz7Fd_pubfQjy777h2IIZeTn77ySjgjlga76Qw-IaFZ_uF81FVmJKsDkiPVyZY0IFVu2Pe8xZg8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQlKBEkykc1OqSGehacTLnBWtL0tpkqMGVNLt1lVWIDdk6R5XTVuWzv9owp4-8w9zDJf40k8DkKsG-pKz7Fd_pubfQjy777h2IIZeTn77ySjgjlga76Qw-IaFZ_uF81FVmJKsDkiPVyZY0IFVu2Pe8xZg8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 1281
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEDzTOhVww15LgQ1WbOwQsms?ext-param=AXcoOmShzDNUJupD-ZNu7uzmBtXpiRYjF_mgyIlvPvZtTz19uLF5DnvAI3Gwb7ilbgABHu91pw-VL109w-PkxS2zrev4dSXqeRFJ7eUUxGrCfSj4qsfOHiU_rgVH...
https://an.yandex.ru/mapuid/google/CAESEDzTOhVww15LgQ1WbOwQsms?redir-setuniq=1&ext-param=AXcoOmShzDNUJupD-ZNu7uzmBtXpiRYjF_mgyIlvPvZtTz19uLF5DnvAI3Gwb7ilbgABHu91pw-VL109w-PkxS2zrev4dSXqeRFJ7eUUxGrC...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEDzTOhVww15LgQ1WbOwQsms&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

190ms
190ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 Sep 2024 20:55:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 1281
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB6HaJuQUh9b...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDhmOGQxYTItY2RiYy00ZGI4LWIyNzItZWNmMzE3YTk2Yjc5&google_push=AXcoOmQ4K9bx4aoTsNhByfnIX48PquVoEC1sKkCMcO15bU7LRIj98k3GLxqRs2oYcucnY...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

69ms
69ms

Image
image/gif

23.197.33.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.197.33.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-33-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Mon, 18 Sep 2023 20:55:10 GMT
pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1281
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBsVIPzzUuml7BDGpY0lnpA&google_cver=1&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZ...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZcCSMAYKsVg9YIuj5kgcR08y140vDesbFu7MlRdhVVy0ptz1UYpgDq3hiEWtx...

170 B
188 B

65ms
64ms

Image
image/png

142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZcCSMAYKsVg9YIuj5kgcR08y140vDesbFu7MlRdhVVy0ptz1UYpgDq3hiEWtxQnu3A1fPF-w6sl_JAacJ4MK5ScEvyIUvh

Protocol

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 150008b1
date: Mon, 18 Sep 2023 20:55:09 GMT
x-bytefaas-request-id: 202309182055095491705B8C8932B9A343
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-67-229.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=2, origin; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309182055095491705B8C8932B9A343
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTRdQ08_ruwVAbYM4tyad29ZUbeMuUe_SCqlNjw_7ZHwJJnnfuMc9A2lsP80eZcCSMAYKsVg9YIuj5kgcR08y140vDesbFu7MlRdhVVy0ptz1UYpgDq3hiEWtxQnu3A1fPF-w6sl_JAacJ4MK5ScEvyIUvh
x-bytefaas-execution-duration: 4.52
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 9,23.36.67.229
x-tt-trace-host: 01cb90cb49bcab59d5496298afc4de51931116022ec77ecc08f8da77f1d2504a23b4855934091fd76dfe0fe13fb32c96aa077bbdd9676f15c6c3d09f7f37084650eafd707e1bd5608df26d9d707fdd320c970d6268aee3162a5020289432d8af3e
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 18 Sep 2023 20:55:09 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1281 0
40 B 60ms
59ms Image
text/html 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNEQ2TFbZBBb5De1m62akBZHQWrYAdSIQqE4tLGP9lb_Q4agzl2yL0FjkgRuffeuv--hzImaW4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FD4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
65ms

Document
text/html

2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
expires: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 84D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZq5_LLkIZaTMOuTGxtYP6JaKkA39_fC7csrH2ZmGEZCDhZ4LEAEgz8ndb2DJhoCA3KPEEKAB8Zqg0AHIAQKoAwHIA8kEqgS-AU_QdGQ0iSq8AXVZ6nT0bjDOIUDWxF5asq0RRGc7KkY5Bpe...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x73baac22dc8ca0390000000000000000%22,%222%22:%220x28d9dbbfacc661270000000000000000%22,%223%22:%220x7fb6e3...

0
0

59ms
58ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x73baac22dc8ca0390000000000000000%22,%222%22:%220x28d9dbbfacc661270000000000000000%22,%223%22:%220x7fb6e3f27cb409420000000000000000%22,%224%22:%220x16ae08d427a1523c0000000000000000%22,%225%22:%220xebad135802807e920000000000000000%22},%22debug_key%22:%227409274777057144900%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22436735345%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210613960581746200225%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x73baac22dc8ca0390000000000000000","2":"0x28d9dbbfacc661270000000000000000","3":"0x7fb6e3f27cb409420000000000000000","4":"0x16ae08d427a1523c0000000000000000","5":"0xebad135802807e920000000000000000"},"debug_key":"7409274777057144900","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["436735345"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"10613960581746200225"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Sep 2023 20:55:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Sep 2023 20:55:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x73baac22dc8ca0390000000000000000","2":"0x28d9dbbfacc661270000000000000000","3":"0x7fb6e3f27cb409420000000000000000","4":"0x16ae08d427a1523c0000000000000000","5":"0xebad135802807e920000000000000000"},"debug_key":"7409274777057144900","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["436735345"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"10613960581746200225"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Sep 2023 20:55:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 443E 42 B
64 B 180ms
73ms Fetch
image/gif 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutikTxUK_bcKemttXezy9IdGXjYTCcq1s0KqrEzrDzGEmhOFBnrUJKQiPRX4I1zBTgd-xwjgV9EclRJhjfFgxOblcXiNfSTZ3peohNKlk6Jnc7zAFnqQZUw_Wht8qN80YJMkC_C_LWQQ&sai=AMfl-YTdxFFiJab6Hnvgap0hfF_BHoV6H0wrbZh1iyfr3Ec1oa8h4exlVpyS9vAQHjGjqET2LsKlBESQMK1r&sig=Cg0ArKJSzMd6Q-WtE0PEEAE&cid=CAQSGwBpAlJWPu2EiZ1se8KuDqbc2q_LBK3I5llTdhgB&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1430589424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695070507227&rpt=1714&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 154ms
78ms XHR
application/json 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230914&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8e8b6592e05914fea7b02bd76703f9fece4b37f583331e247383d3bc09717d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12163
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame 76A7 38 KB
14 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=90&adk=1086357554&adf=1913353579&pi=t.aa~a.929332419~rp.4&daaos=1695068154767~1695068154767&w=1140&fwrn=4&fwrnh=100&lmt=1695106508&rafmt=1&to=qs&pwprc=9566348750&format=1140x90&url=https%3A%2F%2Fsurl.li%2Fkgbpj&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695070508903&bpp=1&bdt=2195&idt=-M&shv=r20230914&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4aac3baae52a848b-22ee2fb4f2e3005a%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw&gpic=UID%3D00000d93bc94ad32%3AT%3D1695070507%3ART%3D1695070507%3AS%3DALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw&prev_fmts=0x0%2C1110x280&nras=3&correlator=8110208252247&frm=20&pv=1&ga_vid=1980089820.1695070507&ga_sid=1695070507&ga_hid=1769107062&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1950&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077704%2C31077969%2C42531705&oid=2&psts=AOrYGslpv6nAmtMEEX7-PgtAlCS9WSKeUw8Ss9g6XsckAV23X3-eqXa4o7T8P3i46qqzcmJNpa0vGhTUxULKes3OVU2a8Q&pvsid=2732585735114840&tmod=461081986&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aT4RFFC2Ds&p=https%3A//surl.li&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 15:02:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 20:55:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C52 13 KB
5 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 409810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 03:05:00 GMT
expires: Fri, 13 Sep 2024 03:05:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8AE9 829 B
559 B 69ms
68ms Document
text/html 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5012d4ad797f67a4dc00fb4e5c684e5ee3135a30fb789ad607bd543558db378c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lxuMCa_6h-FQRkXDFsEfDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-lxuMCa_6h-FQRkXDFsEfDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:55:10 GMT
expires: Mon, 18 Sep 2023 20:55:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C52 37 KB
14 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 09:45:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 09:45:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8AE9 0
0 62ms
62ms Image
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230914&jk=2732585735114840&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2C52 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XqvLZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADB7 42 B
64 B 64ms
63ms Fetch
image/gif 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkYREnocMqVQ0HKYGhgctTQYQ3ytbv1vrXB14MfrXXOzUX7lrtLuOuLEFaOOCDeOffyTZAR7K8nEdD57C2qBf-imOboenqJlpnxV9V8rppzzTE1-kuKBb7A6FRcgkyYnHHNBWKDGAnkg&sai=AMfl-YSjcom4JKsvlaEO6h6intEv76GLbuempp1FSQj_yTxcEKJofw4OJW3E8_sG67VCRMKwbI34kpbwOSpH&sig=Cg0ArKJSzBzibACq_QVYEAE&cid=CAQSGwBpAlJWJsKAJKcCd7Q-LDDChJHl_-Y2xpxktRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=92,759,1000,1097,1097&tos=92,667,241,97,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695070509083&rpt=312&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB36 42 B
64 B 65ms
65ms Fetch
image/gif 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH-8tMttn8s7d0LNrLwQ1_FW6QprWJOgV_7ymUeJ9HL2K8BNljEOnmyJGbmxOMpGor-6c-XzNh4SiIhoqwTDnO3hYzUF8WC0z8exjSfoAyuQW4r41c0Gl4XO_LyFQU_HrobqLOEMU6vw&sai=AMfl-YQNUBHEUHSjX80LqASEXltUhicLHxTybWOII6RJFJ6xw0asmkuntgmZ2uMsCz2UztYJ59YOu9F4Zfrl&sig=Cg0ArKJSzMpMLcfISCqxEAE&cid=CAQSGwBpAlJWJsKAJKcCd7Q-LDDChJHl_-Y2xpxktRgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695070509095&rpt=232&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 20:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230914&jk=2732585735114840&bg=!Q0ClQA_NAAbP3fMH7907ADQBe5WfOIDi0OXyHgzPu9_6CI3z1CK2XxJ2DMMlo1oQE-WgV9zFemnyjD9qm4gWNzUPekL0AgAAAEJSAAAAB2gBB5kDC_xttXO384YurTsn8jryfwCcMz_Lsrs-hN9iIaxbuW9nh-0uZn325SL2IZe5RwMnruUj5ClxQthuDwvrJUtQiz0fD83nzTsgRoDAmP6nmhWOmCM3L2eReDopiwCc-X_epHYsJk-a9lfM38VemMW1keKMYuaC5uoOekPR-RS-MmjxftUy7MngeHyGSVFM9yIXj-tCq8rTMc3fCEoIAeKGWdvc0x5Gye_jTE1EiGo5qMs9MWeRD5xWYwFVfNW2vezOSKEoNu_UTbSs9oI9Qn9BTzXdRCw9GRkfa47Cg48a1uzzz2oHdvOYcXir5xrW4aofH0WenNYRtJIZ1L2vyxrvAEtCZWt_tLNhuFcx9R8R-mpOnlXzZbzHKFd2SnkxPB1IlZOxuTvngDvajxHUwtFe53F3fdBMA87RMwzYNgou_C-JC3z85HXScyNGMKDLLNYYrmNiKiwnHLkpNnFAvN1w7RHlJXpmxO-sSGZqS1_TjVx5KBWWybQl0fUhxWoMkppX_Pgnh0E3HHlTMAJeEUANXxSlvppie5ISqIPx1s896S9LobKR6ALFyxIqbPdOo7a2EktRovvzoNOsBRp1EFRSmww1cqtI9lnlJACfFTCKkeoufokfzMGM2Cv6lrNb-1kE1RqZ67EO2i0iD4RQpCb53nLD7BCyazv6LszBdDLTrR-xqhi3NfdGQofMBMyPVD90FY-fGf7lINCezeMTG29AY0s0XYudnzpggCkgY0BC5j8d5iWrVq4fdPsvzCatjhI7mvJLVYg1HiT9XxZvy-oY5sFjqtAuQ4AyiuO01VKXt_MTOQtLK1DnbmEd1K5H4Cs0k06Bbwd7OA3Rb6X2PZDe6Sqg4DZRbo-vQEXpvL3_HzGqQ18trWwQQXr8WrpDBOEPK_nEN-JzpI_BHcLPGTC0p4T_faLY6kvRrN8p_N04sjDPCbndm0nz_TMFEIp4Imkpl84HZJhXkG48siO50VbE2-3cu_OETS-Ne7VxYVwtyg4sV6SKMKE0vjRj5vXZ_wPjSZDirR1u7xaMGLPt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surl.li/	1970-01-21 00:27:10	Name: _ga Value: GA1.2.1980089820.1695070507
.surl.li/	1970-01-20 14:52:36	Name: _gid Value: GA1.2.607082006.1695070507
.surl.li/	1970-01-21 00:12:46	Name: __gads Value: ID=4aac3baae52a848b-22ee2fb4f2e3005a:T=1695070507:RT=1695070507:S=ALNI_Ma8VtlSAaLY_lVPwzc6qhuFdejidw
.surl.li/	1970-01-21 00:12:46	Name: __gpi Value: UID=00000d93bc94ad32:T=1695070507:RT=1695070507:S=ALNI_Mbccg81AGemcRL-8ZLz_jThMfmifw
surl.li/	1970-01-20 14:51:17	Name: XSRF-TOKEN Value: eyJpdiI6ImJhYjFDTTIwZElDeGd2dlZQaitDUnc9PSIsInZhbHVlIjoiUXlPd1B3VThBTzRWL0ZjRkpXMVBjSi9JQVF1dEhaUHI5elhBMzAvK1BITy9MUlRTNEVlWnNnYVpsWDM2a0t3T1M0REwwVmwwLzVBbWNqNXFJNllSSng2aHFGMzJRZysrZkN1dFBNcHd5SUZ0bHJYVDk3K29VTHBiSGt4bDBydDciLCJtYWMiOiJmMmNhYTQyOWFhYjlhMmQ0MTUxOWRjZWFmM2JhZDM5YjA3M2ViNDFmOTlhMTVhNTJiODY0NzJkMjQ1ZDBiOGRhIiwidGFnIjoiIn0%3D
surl.li/	1970-01-20 14:51:17	Name: surli_application_session Value: eyJpdiI6Ikw2Ym5yNmx5emcyRXRiMnFUQjdsL0E9PSIsInZhbHVlIjoiMzJOMnNIL2h5NXhkaVoxbEdnR0hSZEZRVWI1M0ZpNUJ4YTM2NDB6c0hYcTVYVVQ5R3pJN3F2enI4TGFmSjZPUmZNMDhpK1pZTGo1eXNDcTBNVHcvb2lZM2F3d0M5c1hoT2J3ZzM5VTVlOXRBem1qTHdGWHVsYXdhRHBxN2xQTFciLCJtYWMiOiJiYjllMjk1MjI3ZGZjNzcxZGM4YTE2YjM4MjJlOWNiODQ0Y2RlZDViNWRjZGZhYWNmNWY5MWIxZDI3N2M0OTJlIiwidGFnIjoiIn0%3D
.surl.li/	1970-01-20 14:51:10	Name: _gat Value: 1
.surl.li/	1970-01-21 00:27:10	Name: _ga_BVLF49G8NB Value: GS1.2.1695070507.1.0.1695070507.0.0.0
.doubleclick.net/	1970-01-20 14:51:14	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:00:46	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 00:27:10	Name: IDE Value: AHWqTUnIOzeGY-VQsRLlV8wLQoT42P-tMSwqGc9M-UyDr8Nx6Y9b1mrTRSv6CPzLWsc
.adsrvr.org/	1970-01-20 23:38:12	Name: TDID Value: 27fdcc7f-9bf3-4969-b332-9fd645072a2c
.acuityplatform.com/	1970-01-20 23:36:46	Name: auid Value: 829174808047
.acuityplatform.com/	1970-01-20 23:36:46	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRSpCNVKcmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUqQjVSnI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTGo5SVBfeC13c2V0a184YVA2S1BEc/v7hnZlcnNpb27C+w=="
.linkedin.com/	1970-01-20 23:36:46	Name: bcookie Value: "v=2&94eb0fca-a06f-4d88-843b-d7725d486664"
.linkedin.com/	1970-01-20 14:52:36	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2670:u=1:x=1:i=1695070509:t=1695156909:v=2:sig=AQF2BXKANriHyU_lYmkL-2JWpSmK81GI"
.mediago.io/	1970-01-20 23:36:46	Name: __mguid_ Value: f7c6061510910f73a107936455978860
.adsrvr.org/	1970-01-20 23:38:12	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIltuUwPKknDwQBRgFIAEoAjILCL7gtOyIpZw8EAU4AQ..
.quantserve.com/	1970-01-20 17:00:46	Name: d Value: EEwBCQH9KYEA
.quantserve.com/	1970-01-21 00:21:24	Name: mc Value: 6508b92d-d523b-ed1fc-b8b1d
.yahoo.com/	1970-01-20 23:37:08	Name: A3 Value: d=AQABBC25CGUCEKY3pqhS5jEVtzvPAlHyD38FEgEBAQEKCmUSZQAAAAAA_eMAAA&S=AQAAAlxiks8zkzuYa912l-Sl3aI
.yandex.ru/	1970-01-21 00:27:10	Name: yuidss Value: 6250176621695070509
.yandex.ru/	1970-01-21 00:27:10	Name: yandexuid Value: 6250176621695070509
.teads.tv/	1970-01-20 23:35:20	Name: tt_viewer Value: 08f8d1a2-cdbc-4db8-b272-ecf317a96b79
.tribalfusion.com/	1970-01-20 17:00:46	Name: ANON_ID Value: awnt6ZayOZbSFoJTyBr0uRwTgYOV61UuvArfRfWR5VrPGcrTUPWoXtqsTcZdhuFTnS9s5k0BcMf6knfP5RWN7pdsMItT9YI
.send.microad.jp/	1970-01-20 17:00:46	Name: TR Value: 5e1a05044ebb5f38fcc827655ef2d5d74a370e0686daa8d9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://surl.li/kgbpj Message: Mixed Content: The page at 'https://surl.li/kgbpj' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://surl.li/kgbpj(Line 261) Message: Mixed Content: The page at 'https://surl.li/kgbpj' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://facebokvaXKyaktXTQS.terbaru-2023.com/&size=16 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aid.send.microad.jp
an.yandex.ru
analytics.pangle-ads.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.tribalfusion.com
stats.g.doubleclick.net
surl.li
sync.teads.tv
t1.gstatic.com
tpc.googlesyndication.com
trace.mediago.io
ums.acuityplatform.com
web-screen.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.111.154
172.253.63.154
202.233.84.1
23.12.144.229
23.197.33.36
2600:1f18:4e9:5a05:fed2:9795:78c7:da7f
2606:4700:20::681a:513
2606:4700:3032::6815:1484
2606:4700::6812:18ad
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::63
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c0b::65
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::93
2607:f8b0:4004:c1d::84
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a02:6b8::90
3.33.220.150
35.208.249.213
51.222.239.230
69.90.254.78
03b26c3a19858e9cf2dafc02349c62bb38a95350d642354b5ff209a7cd299548
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0977e7b8a4ec14c6a6ee9abab21e0798e10f07dba63fa49a4f1ceca418fddaba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d0e77b5801f00acb914de3f5ff28b5b9f309afeeb33f0b6fc7ce17691515b8
285b4f7a68667690efaff375a8e6db0b32529703944886d3e5a6faa4755594ea
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
5012d4ad797f67a4dc00fb4e5c684e5ee3135a30fb789ad607bd543558db378c
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5c8e62a177cc410209e651ae35eb303b9979c6e52a894885ff1aa5769a413ff3
5d8e8b6592e05914fea7b02bd76703f9fece4b37f583331e247383d3bc09717d
5eb6f8f754d0eecf5da0ae253bffb7904da2e14d1d67a0e464238214136ee846
5fcbd380cfe4653cf6146accc638be75cbcb555d30c003116e83c38121c60aed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
681829d59c6c53557ea53b3b304958db58fba8787e5fc6ecc2ccdba52d052021
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3185e5b99383ec16a0788512f44bf419a12ad9df6e9bd0971d4a526b4801a1
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
7c69cbb7b2910649091ab1b8e8ed853e161ce1c6e326f15e82fc5c154ff16f6b
7c99b17873d36a90d4a3488c24950d2407b230e97f4d9dbfc38f47d7f6ba0f5b
7f3281976a5f3c16251ecaf342705954072e6ce5eb8db11bc638d4e4798453d9
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
87c3f17ae390bc0d1f92a9c65a38fc8ae6b8328571a822c783ae5c26da681c1c
8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f3920378b0f97a81cd0f910c88427a7148356ac1bd040d2f3be27fdc4ac5328
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19b8fffe189a8060387a4349b7abc28d374ced9c696d0f05aefd263488a7aca
af14a4d0c4902766bdb19b2b697134dd12cf7228d489b172f3f2404363b2d031
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2059d0f36e3b59dd1957bbf7b43c6a5fb1e80a1a624816945f476220633cef7
b24556bc3b8316b2183f9dcd2ad778b8ecacdea2af535527a7c40e591bbbf62d
b3532c989163498f203503c71bb9597bc487ae518d623f3f4731371e9394f96d
c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe
d05e5cda107802c22eba6c2c30b962a2cd9d9066a350f0286607badfae2b7a6a
d4b8fcebb61ea4d696e03b5cb3c8e8c9e61df67c8867a7842b79f97298f054e2
db9a580bbc3dd8b41c30a671ffc461d004a8b910205f67a46904fb5bbbad43f3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df57d177a571338e2897cd5766f33eee772a47d2cb8f90752f464a055dd8d0fe
e11b3fceb47d6c7447ed869a28f7a383ee5ad62cae4ece1b6e435a523c76ae9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
f3c2b711909fc420d52bd7965b1cd7bdbdd60b2e26c17cadaaa80c55e53df77f
f747a908d4935ddc3ca399e9ed99e6f7170b5eccf3bc66ad028dfa86331876ac
faaccd249dd75ba8a6d1c7b79883859fae1f37fa2a449cd36e84653a5fc0824d

surl.li Open in urlscan Pro 2606:4700:20::681a:513 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

87 %HTTPS

68 %IPv6

23 Domains

30 Subdomains

22 IPs

4 Countries

1931 kBTransfer

4747 kBSize

26 Cookies

8 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

surl.li Open in urlscan Pro
2606:4700:20::681a:513 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

87 %
HTTPS

68 %
IPv6

23
Domains

30
Subdomains

22
IPs

4
Countries

1931 kB
Transfer

4747 kB
Size

26
Cookies

139 HTTP transactions
5 data transactions