ceoemail.com Open in urlscan Pro
213.246.101.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ceoemail.com/ceoblank.php?r=b
Submission: On October 26 via manual (October 26th 2022, 4:27:11 am UTC) from GB — Scanned from GB

Summary HTTP 78 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 10 domains to perform 78 HTTP transactions. The main IP is 213.246.101.54, located in United Kingdom and belongs to ISIONUK Namesco Limited, GB. The main domain is ceoemail.com. The Cisco Umbrella rank of the primary domain is 928880.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2022. Valid for: a year.

This is the only time ceoemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	213.246.101.54 213.246.101.54	8622 (ISIONUK N...) (ISIONUK Namesco Limited)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	54.77.210.17 54.77.210.17	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6 8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
6	2600:9000:245... 2600:9000:2451:1400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2600:1f18:1ac... 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
78	17

2 213.246.101.54 (United Kingdom)

ASN8622 (ISIONUK Namesco Limited, GB)
PTR: vps1.ceoemail.co.uk

ceoemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.77.210.17 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-210-17.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.244 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2451:1400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	304 KB
24	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 620 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	195 KB
18	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 ad.doubleclick.net — Cisco Umbrella Rank: 185	47 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	6 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	161 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	5 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	ceoemail.com ceoemail.com — Cisco Umbrella Rank: 928880	6 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	696 B
78	10

	Domain	Requested by
14	dt.adsafeprotected.com	googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	ceoemail.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	pixel.adsafeprotected.com	2 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	ceoemail.com	ceoemail.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
78	16

This site contains links to these domains. Also see Links.

Domain
www.ceoemail.com

Subject Issuer	Validity	Valid
www.ceoemail.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-06` - `2023-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://ceoemail.com/ceoblank.php?r=b
Frame ID: CBA130A94F51313D14678F65CB08C927
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 2B438AF8C9BFE3A19863E1D763070FA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Frame ID: B06B2C6B83F741C236BE3F9D9E873AAC
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Frame ID: C63DB973837764A92B86E9717E54A2AD
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&adk=1812271804&adf=3025194257&lmt=1666758426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426477&bpp=2&bdt=275&idt=187&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&nras=1&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=191
Frame ID: B52D8D2475A90710AFE5C579B23C8363
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNWScHtFAQJnYnzvke3Hq6KkHUYPnheTMJWJERyy-Bhtw1-icz0wvNFzlWGVoiJWBO8MERjw37zawYTf5eUPC9WcWpeDlR7tCBxbF12Q7grd1RYj53zI-pEyQqdR7a9gMCGNqgxC2MeidDk6RUxg2ZRIOA_fv16d2OnQY5M0fmHP1foXXhw
Frame ID: 138E2FD407402052500A11F85F7FB369
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49548F5BB4F076690BDDB60749FC7F86
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNVX1F0AONz2C_XcXM_0GDcgm8oDfVjeqgoCUPMbqZPxkzdtzMOnQQNroxzw8t_WeFbbIjUMAOPjnDEWilzp2odUzkRu_4IyJ7XzfjzJkhj7Se38qm1atwp93YasEf4_pwo9Fgou8eSrRfYAyNDAkYJ8jvIAzbUy4ZPfJlJ0y5SifKr3yoU
Frame ID: BFF2ADAE4146327B2880649DD5B11869
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 599D11D69C06BDA4B0CC9A2F6EC34FDF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BC531F705E7C10A676B30BD46ED9E588
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 506968AFBA5EB07E06D9CB9D7007E467
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FE2B0D8D2C2974D5FE91280F3232E20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9B50D16FFFEC0A2BA7025FB2F16CB64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your visit to ceoemail.com

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

78
Requests

86 %
HTTPS

63 %
IPv6

10
Domains

16
Subdomains

17
IPs

5
Countries

720 kB
Transfer

2068 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ceoemail.com/
Title: CEOemail.com - UK Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/us-companies.php
Title: CEOemail.com - US Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/eu-companies.php
Title: CEOemail.com - EU Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/asian-companies.php
Title: CEOemail.com - Asian Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/african-companies.php
Title: CEOemail.com - African Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/australia-newzealand-companies.php
Title: CEOemail.com - Australian/NZ Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/ceoemail-contact.php
Title: Contact the CEOemail.com Editor for help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1&C=1

Request Chain 20

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1i3G3mopil6zmXFALPQ8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

Request Chain 21

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO_qeizXWsGyvSux6k52pAI&google_cver=1

Request Chain 22

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

Request Chain 37

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1i3G3mopil6zmXFALPQ8wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEElfWjB73WQLDDF4qVpeCI0&google_cver=1

Request Chain 39

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

Request Chain 51

https://pixel.adsafeprotected.com/rfw/st/1168538/65619267/skeleton.js?adsafe_url=https%3A%2F%2Fceoemail.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fceoemail.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0390685968784255%26output%3Dhtml%26h%3D600%26slotname%3D1642069567%26adk%3D4205943629%26adf%3D2833420325%26pi%3Dt.ma~as.1642069567%26w%3D160%26lmt%3D1666758426%26format%3D160x600%26url%3Dhttps%253A%252F%252Fceoemail.com%252Fceoblank.php%253Fr%253Db%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1666758426464%26bpp%3D1%26bdt%3D262%26idt%3D194%26shv%3Dr20221020%26mjsv%3Dm202210190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D160x600%26correlator%3D817162331414%26frm%3D20%26pv%3D1%26ga_vid%3D417697630.1666758427%26ga_sid%3D1666758427%26ga_hid%3D405246216%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1434%26ady%3D8%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C31069973%252C31070467%252C44775017%26oid%3D2%26pvsid%3D1279289477835541%26tmod%3D430386591%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CleE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DrKccgCAMNs%26p%3Dhttps%253A%2F%2Fceoemail.com%26dtd%3D196&adsafe_type=d&adsafe_jsinfo=,id:8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228,c:s7xSCA,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-zw9pw,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:247,mot:0,app:0,maw:0,fm:tllavkq+11%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:267,oid:73b4c04b-54e6-11ed-a3c1-2a4b57d54384,v:19.8.358,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 56

https://pixel.adsafeprotected.com/rfw/st/1168538/65619267/skeleton.js?adsafe_url=https%3A%2F%2Fceoemail.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fceoemail.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0390685968784255%26output%3Dhtml%26h%3D600%26slotname%3D1642069567%26adk%3D4205943629%26adf%3D745599300%26pi%3Dt.ma~as.1642069567%26w%3D160%26lmt%3D1666758426%26format%3D160x600%26url%3Dhttps%253A%252F%252Fceoemail.com%252Fceoblank.php%253Fr%253Db%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1666758426461%26bpp%3D3%26bdt%3D259%26idt%3D161%26shv%3Dr20221020%26mjsv%3Dm202210190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D817162331414%26frm%3D20%26pv%3D2%26ga_vid%3D417697630.1666758427%26ga_sid%3D1666758427%26ga_hid%3D405246216%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D8%26ady%3D8%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C31069973%252C31070467%252C44775017%26oid%3D2%26pvsid%3D1279289477835541%26tmod%3D430386591%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CleE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DdzQCA5QZEa%26p%3Dhttps%253A%2F%2Fceoemail.com%26dtd%3D178&adsafe_type=d&adsafe_jsinfo=,id:35285be6-d353-72c8-51f8-20b235f7fa54,c:s7xSDo,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-s6gql,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:258,mot:0,app:0,maw:0,fm:tllavli+11%7C12*.1168538-65619267%7C121%7C122%7C131%7C132%7C133%7C14,idMap:12*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:263,oid:73c9a774-54e6-11ed-bbf2-6a72f48b1ddb,v:19.8.358,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

78 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ceoblank.php Show response
ceoemail.com/ 3 KB
1 KB 179ms
63ms Document
text/html 213.246.101.54
ISIONUK Namesco L...

General

Check archive.org

Show headers Download Go to

Full URL: https://ceoemail.com/ceoblank.php?r=b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.246.101.54 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS: vps1.ceoemail.co.uk
Software: Apache / PHP/7.3.33 PleskLin
Resource Hash: 8ee757a762db05255b22b93942a25cbb6cf4a0cc2a066cddc39b2cb4a7355282

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 26 Oct 2022 04:27:06 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33 PleskLin

GET
H/1.1 200
OK ceocss.css
ceoemail.com/ 4 KB
5 KB 55ms
55ms Stylesheet
text/css 213.246.101.54
ISIONUK Namesco L...

General

Check archive.org

Show headers Download Go to

Full URL: https://ceoemail.com/ceocss.css
Requested by: Host: ceoemail.com
URL: https://ceoemail.com/ceoblank.php?r=b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.246.101.54 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS: vps1.ceoemail.co.uk
Software: Apache / PleskLin
Resource Hash: bc6f553554002b84016dd09f660e3a86eb051181541f3cc8f80bf780666e91a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/ceoblank.php?r=b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 04:27:06 GMT
Last-Modified: Sun, 08 May 2022 17:11:18 GMT
Server: Apache
ETag: "11b9-5de832e0f9791"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4537

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 180ms
86ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ceoemail.com
URL: https://ceoemail.com/ceoblank.php?r=b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b65297733b64719c8ea71e176ce97e0dcc6c46611aa5596b5ab8303727a910f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55245
x-xss-protection: 0
server: cafe
etag: 3037993817507093091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 04:27:06 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 353 KB
116 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=pub-0390685968784255&plah=ceoemail.com&bust=31070467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

395935c74316e5d9efb7e4aba02009a692b94b75536a115142fa5adde45e48b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118767
x-xss-protection: 0
server: cafe
etag: 16168198880090153949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 04:27:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 2B43 10 KB
5 KB 138ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 15:18:21 GMT
etag: 9671129459699598864
expires: Tue, 08 Nov 2022 15:18:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 165ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ceoemail.com&callback=_gfp_s_&client=pub-0390685968784255&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=pub-0390685968784255&plah=ceoemail.com&bust=31070467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

342fdc91337297b955f28ae6a080c03f098fd30421119474694e7a7258a157fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 181ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ceoemail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ceoemail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B06B 17 KB
9 KB 1348ms
1264ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

694b70a44441d71ecb41b8d1e931af3b1ec0a421e805a109bda7bd73c5146096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8878
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:07 GMT
expires: Wed, 26 Oct 2022 04:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C63D 17 KB
9 KB 1049ms
985ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412330a0b5334eebc5b643ec944366ba631c03c2eab57687df40c8c6e62b26ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8850
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:07 GMT
expires: Wed, 26 Oct 2022 04:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B52D 0
19 B 111ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&adk=1812271804&adf=3025194257&lmt=1666758426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426477&bpp=2&bdt=275&idt=187&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&nras=1&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=191

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:06 GMT
expires: Wed, 26 Oct 2022 04:27:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C63D 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkP3cSDFFZmENw5DYNh1xH3z3JOZLJ38Un9uQ1DZ0eHpD_Tsg1KcRt2kNxFb_MvFnsYjgfRzisyaMV9hjI6gU0I3_O8J0E12VNYyZhP3DYGDUQOD8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C63D 28 KB
11 KB 135ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 26 Oct 2022 04:37:05 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1168538/65619267/ Frame C63D 46 KB
12 KB 185ms
42ms Script
application/javascript 54.77.210.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1168538/65619267/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.210.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-210-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bccdd6a66b470d140ce9d1ba74fe0a931eef42d8878d5f54c7b3c7365830a5bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C63D 3 KB
1 KB 132ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C63D 17 KB
8 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C63D 152 KB
47 KB 992ms
900ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 04:27:08 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 138E 624 B
300 B 53ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNWScHtFAQJnYnzvke3Hq6KkHUYPnheTMJWJERyy-Bhtw1-icz0wvNFzlWGVoiJWBO8MERjw37zawYTf5eUPC9WcWpeDlR7tCBxbF12Q7grd1RYj53zI-pEyQqdR7a9gMCGNqgxC2MeidDk6RUxg2ZRIOA_fv16d2OnQY5M0fmHP1foXXhw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:07 GMT
expires: Wed, 26 Oct 2022 04:27:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C63D 15 KB
11 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoLiH5iSvpqeGoRJG49OXvVdWBVJyV6JECMYwr6iv0i4eTsay7P_Ta0Y3JWFUwfx7S3fQe49KFpDBFkFzwXeWDaUw02jHPWWjzT7MhOO8hg1OH0wVlEoLzMAPPbh3A0qYQJlMTulhPE_TGo6W-9wRN0BNcygNzzCap8ZpMtmKBqGWiqx4&cry=1&dbm_d=AKAmf-A1-qCYADLUplAvYbf6e5yGuSzTfhKLcZBvCo2a5_mXBFYhqHVLPKl4XdRbPm1LstYhQLJJ7SYvv8EnV8fPsq8dQHfsw_cOaWcWRtLnCssVDvNKDC_DNkCCe5Cn_grOw3NrSAPt48CY1lakAv8bzRY7rnnwPJedQK62fnrUe8K6Y_DDLu_FR-9dlLSvCgtS4HJg0Fe1Q1iHgj3GoO4oycKG6B1Q5bLCKaYHyGXlZYH7TzOhMj_jmT6_Dgc_PEI2r_TfP6oUwvLqPievE6B0CoHPMnDRZTI5bZ_VbMgtZZly_U5UuxkGZu0WSgcLw_wJyjzkGJnO-iIdGsC9JmTA46750ZhK1jZfRLw-oetwKsI0eVue0_NSFz-cEL4cnk6yKQ6ifJWOemMqgkY9h4VxltTko6dHDfxQicrltY9PerGKbQ-ikLHSrWFGhjgxRXmIp7gfFjYde-8mpQG0uc1kzRnu545RM4g6B5HXm3R-1Dpdkx07_t6DYjTKenQDqub7m47oiK4tHsGXCFrhC6uX54xPrM-9ftrw_u6nASGW4jlcFaygXf3oUGOMgo7GLYPpqISceuY373ckzqi6aLVL86VAoODcWM-zCEwMLuqm5nj30NxA1-O3Ow8V8dskBkAJZFk0r2H9zsiDqekwLzjcbgH1dB6qJJEYjIptNCFhbgPvJCy2HAbGEHKeCRvUyF8X_f7ccdgQLXV3J0l3ba5ecEs7CWx5E-onJ76jMNZbjfdugGXq11n3Cvx2pZnMqb70b6rNp86JFaJqbkBnXJaVdYauftw2avEJI4J4zdaM0JzncnMgD6oGeCrGcfZV_uTBiwVOn2mE-pQacO7P4EaxecedqxwqQwsE4zMaXsfjyKZ7G9izrvsJ1N27Konr39iRIbDugakffl1CH4s2T_KIP8Z05eq7oMNHyae5ebUcz3oIqml__uuNAKqleoWBGGii1bzQE-nmdv16IgQR2BsoDKqX7maK0KwBmaIIsqWXQ5m85n1p6hyM2quUR3d1exttbPX0LdhlKzZeZIs8Q_SphC4RGIWGWOuX4FAHGZLy0o81E4xiduVS9otxoApysudK-VvGPmgibfnSp8hxKtm4yBJVC_UBHw8q1rEfKtXz3BGd02nL5n4BYltIQgfT6IZMpSS1lV9ogIp1egW6kg3oQN4lt5W4VccGqkjhYbzZ9Ep4ifnakFIUvjdu5RHjRC3gVpNjvbJDCSecy2y96M2Nh0tCApnXEA_9x3tPK4nkp2Mgfpv2k4DTk6u4_VQQkOTatTdAvmvzFoWGcFJ8Dm2_T_EFaJ76gXrVVYxEnNCovIxKiiSInSiiGaYc49XChYDF2VUrloMi0nrBJH4lSPgsAUb44UcDlMaMKgPMj0eVru8Ylp9-92b1ul7e_6vstRhjlPdKWUMcRR_KgabAmBEG7-twvu-SbY-aiBy1U2eEA89gxhbvVlDs55_RLGNUwK-lHud26c6GH6m0c12D7yJUDlBI4R4x6G9lHfIo28H96xsAWmP48znD5cUmAdwP5sVGwV2bmCug6xIYz8hKLYR95r9NmAt0rZpEO57wwgAQ0BtzCWQ6WRsSNWS0StDVB4D-i3unU3ApqO5yCY-sk8blmbaJKcuZkihLZLKjSmM8G_d0UxWYgVxz0JVIEfWg_bVMPyvtsX3mAUHdsBfFtQVQqMUnDXaM35kOvNWFisA1JGe66Z_szmaC1ThwzVMcTHLyDPTECH57SFXnJ0f5S3l7IHSZuCVaMIyN-U50oxbuadn4wO3jaGyDylHMtV11oBq-ysXKG31RqN35h2fJeVIyyyMx9jf4WYB_b6ZbBESetcx59U8We0nWpfZCMqrdnV0oqR_4qLz1wboq1Aj3bLM2sYE3U5xYB4O4LHP7sh7fnNgNYlCL31ZW_9lIHuBadnIlAejd0zMSNUvUTKwm4sHFQlGh-1hCB12NnbHMTbaho6Rh9WwOnQg7zcbbTagi-Ar7sVG2ET9tVMzixayS4tjedbsUHEedUmdfzhckjhxMIhlgm6X81E8PoxYPT2s8nx38ZJw1BnUgZNcaVuJSb7ZJC3dV6_8GLgOekyAkfzMcjn2Qweuf_RolSxBTFUQspHGnrfQttt45LA_fpHfqCotfDFTRovd1_KkkDgd1TcQ7bHooccMxCgzzQRSFAch-eCSwkI72dh074PwufCXe_cFRQT6Dv9OO2rby-srjIjUCh4xGavbrFOz4Fm-MD_M-ZeNPhjW9euhIBUQEmZR9VJp2u5y09G4BlJWrXSNHoGJI0aOGpp733MjtFzLtk3rGiHczRvKz7cyTxIqfbxQcMoaMFgcoiH5s5R6fiVXVmtGzJBKTFEcFVmn5mPyD97NORLT7E04_ECyI7nIax9Kup8mFD5SMS8KP4ZJzfIWgJj_8_FLEbNXDr-jJZBYBvcuJGAgiuROAHl3Wv59_UdSQHk11jHaTCmVWklQ3F5wo46eG9HI51eUHiDEAZrhC2ZTZw4hFQyqjsmgacC1FwMqpGnEMkiVwaK3a_Qx2d7h4SRO4rBNua4_d45tOWBc0mG2oRdSZnrEP2qVxW8EmvaSgG_G31Ma8q_xq-rm1XpvMLWwxiSPmtX-I28JzR0QV94I8Yy84tteKkF0iWRC7KABkGIbYw0fZjbrsYAFlyMQ4Zzb2WMcjUkowaLZ_Nd1uHLmshMSJ-z39Ggz7d8jeUnIXHrm4K-z6XrOZLFGNyt4tPIY0pAQF49yMl4nvRaw6ACe4WutahhhE3hqRV6Wh0-U9z6eY0JSA6SosU_G-RqQS3rJscsvZouKo0VJgFr8gGZ35njBDCbx7eOfx8QRGqZW5ThGDZw70GSUV5gm5MRyXrZVIl0bG8oIaGveQj9MWhqHPW85hrTfhmougDuZwffzXWgLXeHyHr178N3rhcx4MtVAy36xDgeEqybcDr5tNJ9nhXyfxsoZebVgpf1vHkYL2ble_K7OmACkDQKKPJC3vxSvW4A9g26ZNb_ObhKnTdkd_7Cri6PLx-tzhVW1yWPCOhRhlVra8YsJz_Jaw8BOsbHgsGsHASikI_IcAgMnl3g_ff059yjk0ErgYxqNQXNjl-Hcp49Ejy-VD1rjgXlJIKIut1xzDvD43rHgU1-TeuikzxZhY9z_AtY3OiKvCW97V3Ff-rZKd8OrpsbkG__PyEYeB_JS4awrGPNn-zODvqhDbMIU9YVJbMV8f&cid=CAASBORohV0&rfl=1%2Chttps%253A%252F%252Fceoemail.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf73f2baa31540630a5ec72d2cb5c7a165584ea2f6c4a88e7251dcfda5334e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 138E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1&C=1

43 B
766 B

46ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNWScHtFAQJnYnzvke3Hq6KkHUYPnheTMJWJERyy-Bhtw1-icz0wvNFzlWGVoiJWBO8MERjw37zawYTf5eUPC9WcWpeDlR7tCBxbF12Q7grd1RYj53zI-pEyQqdR7a9gMCGNqgxC2MeidDk6RUxg2ZRIOA_fv16d2OnQY5M0fmHP1foXXhw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMxPCbdLgCXygmyTx_JbKr0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 138E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1i3G3mopil6zmXFALPQ8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

43 B
894 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNWScHtFAQJnYnzvke3Hq6KkHUYPnheTMJWJERyy-Bhtw1-icz0wvNFzlWGVoiJWBO8MERjw37zawYTf5eUPC9WcWpeDlR7tCBxbF12Q7grd1RYj53zI-pEyQqdR7a9gMCGNqgxC2MeidDk6RUxg2ZRIOA_fv16d2OnQY5M0fmHP1foXXhw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 138E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO_qeizXWsGyvSux6k52pAI&google_cver=1

43 B
1020 B

38ms
35ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO_qeizXWsGyvSux6k52pAI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNWScHtFAQJnYnzvke3Hq6KkHUYPnheTMJWJERyy-Bhtw1-icz0wvNFzlWGVoiJWBO8MERjw37zawYTf5eUPC9WcWpeDlR7tCBxbF12Q7grd1RYj53zI-pEyQqdR7a9gMCGNqgxC2MeidDk6RUxg2ZRIOA_fv16d2OnQY5M0fmHP1foXXhw

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:07 GMT
AN-X-Request-Uuid: 406195af-33e1-4668-8b5b-1772bfc9bde5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO_qeizXWsGyvSux6k52pAI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 138E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

170 B
188 B

134ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:07 GMT
AN-X-Request-Uuid: bb93886d-afdb-4de6-9d25-0655c91753fb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C63D 41 KB
15 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoLiH5iSvpqeGoRJG49OXvVdWBVJyV6JECMYwr6iv0i4eTsay7P_Ta0Y3JWFUwfx7S3fQe49KFpDBFkFzwXeWDaUw02jHPWWjzT7MhOO8hg1OH0wVlEoLzMAPPbh3A0qYQJlMTulhPE_TGo6W-9wRN0BNcygNzzCap8ZpMtmKBqGWiqx4&cry=1&dbm_d=AKAmf-A1-qCYADLUplAvYbf6e5yGuSzTfhKLcZBvCo2a5_mXBFYhqHVLPKl4XdRbPm1LstYhQLJJ7SYvv8EnV8fPsq8dQHfsw_cOaWcWRtLnCssVDvNKDC_DNkCCe5Cn_grOw3NrSAPt48CY1lakAv8bzRY7rnnwPJedQK62fnrUe8K6Y_DDLu_FR-9dlLSvCgtS4HJg0Fe1Q1iHgj3GoO4oycKG6B1Q5bLCKaYHyGXlZYH7TzOhMj_jmT6_Dgc_PEI2r_TfP6oUwvLqPievE6B0CoHPMnDRZTI5bZ_VbMgtZZly_U5UuxkGZu0WSgcLw_wJyjzkGJnO-iIdGsC9JmTA46750ZhK1jZfRLw-oetwKsI0eVue0_NSFz-cEL4cnk6yKQ6ifJWOemMqgkY9h4VxltTko6dHDfxQicrltY9PerGKbQ-ikLHSrWFGhjgxRXmIp7gfFjYde-8mpQG0uc1kzRnu545RM4g6B5HXm3R-1Dpdkx07_t6DYjTKenQDqub7m47oiK4tHsGXCFrhC6uX54xPrM-9ftrw_u6nASGW4jlcFaygXf3oUGOMgo7GLYPpqISceuY373ckzqi6aLVL86VAoODcWM-zCEwMLuqm5nj30NxA1-O3Ow8V8dskBkAJZFk0r2H9zsiDqekwLzjcbgH1dB6qJJEYjIptNCFhbgPvJCy2HAbGEHKeCRvUyF8X_f7ccdgQLXV3J0l3ba5ecEs7CWx5E-onJ76jMNZbjfdugGXq11n3Cvx2pZnMqb70b6rNp86JFaJqbkBnXJaVdYauftw2avEJI4J4zdaM0JzncnMgD6oGeCrGcfZV_uTBiwVOn2mE-pQacO7P4EaxecedqxwqQwsE4zMaXsfjyKZ7G9izrvsJ1N27Konr39iRIbDugakffl1CH4s2T_KIP8Z05eq7oMNHyae5ebUcz3oIqml__uuNAKqleoWBGGii1bzQE-nmdv16IgQR2BsoDKqX7maK0KwBmaIIsqWXQ5m85n1p6hyM2quUR3d1exttbPX0LdhlKzZeZIs8Q_SphC4RGIWGWOuX4FAHGZLy0o81E4xiduVS9otxoApysudK-VvGPmgibfnSp8hxKtm4yBJVC_UBHw8q1rEfKtXz3BGd02nL5n4BYltIQgfT6IZMpSS1lV9ogIp1egW6kg3oQN4lt5W4VccGqkjhYbzZ9Ep4ifnakFIUvjdu5RHjRC3gVpNjvbJDCSecy2y96M2Nh0tCApnXEA_9x3tPK4nkp2Mgfpv2k4DTk6u4_VQQkOTatTdAvmvzFoWGcFJ8Dm2_T_EFaJ76gXrVVYxEnNCovIxKiiSInSiiGaYc49XChYDF2VUrloMi0nrBJH4lSPgsAUb44UcDlMaMKgPMj0eVru8Ylp9-92b1ul7e_6vstRhjlPdKWUMcRR_KgabAmBEG7-twvu-SbY-aiBy1U2eEA89gxhbvVlDs55_RLGNUwK-lHud26c6GH6m0c12D7yJUDlBI4R4x6G9lHfIo28H96xsAWmP48znD5cUmAdwP5sVGwV2bmCug6xIYz8hKLYR95r9NmAt0rZpEO57wwgAQ0BtzCWQ6WRsSNWS0StDVB4D-i3unU3ApqO5yCY-sk8blmbaJKcuZkihLZLKjSmM8G_d0UxWYgVxz0JVIEfWg_bVMPyvtsX3mAUHdsBfFtQVQqMUnDXaM35kOvNWFisA1JGe66Z_szmaC1ThwzVMcTHLyDPTECH57SFXnJ0f5S3l7IHSZuCVaMIyN-U50oxbuadn4wO3jaGyDylHMtV11oBq-ysXKG31RqN35h2fJeVIyyyMx9jf4WYB_b6ZbBESetcx59U8We0nWpfZCMqrdnV0oqR_4qLz1wboq1Aj3bLM2sYE3U5xYB4O4LHP7sh7fnNgNYlCL31ZW_9lIHuBadnIlAejd0zMSNUvUTKwm4sHFQlGh-1hCB12NnbHMTbaho6Rh9WwOnQg7zcbbTagi-Ar7sVG2ET9tVMzixayS4tjedbsUHEedUmdfzhckjhxMIhlgm6X81E8PoxYPT2s8nx38ZJw1BnUgZNcaVuJSb7ZJC3dV6_8GLgOekyAkfzMcjn2Qweuf_RolSxBTFUQspHGnrfQttt45LA_fpHfqCotfDFTRovd1_KkkDgd1TcQ7bHooccMxCgzzQRSFAch-eCSwkI72dh074PwufCXe_cFRQT6Dv9OO2rby-srjIjUCh4xGavbrFOz4Fm-MD_M-ZeNPhjW9euhIBUQEmZR9VJp2u5y09G4BlJWrXSNHoGJI0aOGpp733MjtFzLtk3rGiHczRvKz7cyTxIqfbxQcMoaMFgcoiH5s5R6fiVXVmtGzJBKTFEcFVmn5mPyD97NORLT7E04_ECyI7nIax9Kup8mFD5SMS8KP4ZJzfIWgJj_8_FLEbNXDr-jJZBYBvcuJGAgiuROAHl3Wv59_UdSQHk11jHaTCmVWklQ3F5wo46eG9HI51eUHiDEAZrhC2ZTZw4hFQyqjsmgacC1FwMqpGnEMkiVwaK3a_Qx2d7h4SRO4rBNua4_d45tOWBc0mG2oRdSZnrEP2qVxW8EmvaSgG_G31Ma8q_xq-rm1XpvMLWwxiSPmtX-I28JzR0QV94I8Yy84tteKkF0iWRC7KABkGIbYw0fZjbrsYAFlyMQ4Zzb2WMcjUkowaLZ_Nd1uHLmshMSJ-z39Ggz7d8jeUnIXHrm4K-z6XrOZLFGNyt4tPIY0pAQF49yMl4nvRaw6ACe4WutahhhE3hqRV6Wh0-U9z6eY0JSA6SosU_G-RqQS3rJscsvZouKo0VJgFr8gGZ35njBDCbx7eOfx8QRGqZW5ThGDZw70GSUV5gm5MRyXrZVIl0bG8oIaGveQj9MWhqHPW85hrTfhmougDuZwffzXWgLXeHyHr178N3rhcx4MtVAy36xDgeEqybcDr5tNJ9nhXyfxsoZebVgpf1vHkYL2ble_K7OmACkDQKKPJC3vxSvW4A9g26ZNb_ObhKnTdkd_7Cri6PLx-tzhVW1yWPCOhRhlVra8YsJz_Jaw8BOsbHgsGsHASikI_IcAgMnl3g_ff059yjk0ErgYxqNQXNjl-Hcp49Ejy-VD1rjgXlJIKIut1xzDvD43rHgU1-TeuikzxZhY9z_AtY3OiKvCW97V3Ff-rZKd8OrpsbkG__PyEYeB_JS4awrGPNn-zODvqhDbMIU9YVJbMV8f&cid=CAASBORohV0&rfl=1%2Chttps%253A%252F%252Fceoemail.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame C63D 61 KB
23 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 14:40:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4954 22 KB
8 KB 121ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 83128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B06B 42 B
63 B 79ms
79ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COrkWc23Qu8ru9shM_YxtZ7bFO2kNoWFPmt3A7e84h9N77eeu_6T4mif-ChztvpnnozGM1c_bHB8TDzwyK0WqztBMSg9iBzD8B-lXoXvMw-xb20H4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame B06B 28 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 26 Oct 2022 04:37:05 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1168538/65619267/ Frame B06B 46 KB
12 KB 42ms
41ms Script
application/javascript 54.77.210.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1168538/65619267/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.210.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-210-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a842ff2499db6da63a4111d7dea3f38d6287fd56df96a446f85bbfaf3a13d09e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B06B 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:30:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame B06B 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B06B 152 KB
46 KB 708ms
708ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 04:27:08 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BFF2 624 B
299 B 51ms
51ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNVX1F0AONz2C_XcXM_0GDcgm8oDfVjeqgoCUPMbqZPxkzdtzMOnQQNroxzw8t_WeFbbIjUMAOPjnDEWilzp2odUzkRu_4IyJ7XzfjzJkhj7Se38qm1atwp93YasEf4_pwo9Fgou8eSrRfYAyNDAkYJ8jvIAzbUy4ZPfJlJ0y5SifKr3yoU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:08 GMT
expires: Wed, 26 Oct 2022 04:27:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B06B 15 KB
11 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYUmyDpllV6mDty1vsDM92WuB3fWGifBgaV4rnIGwN-P9BioRSt1wFL2EPrH9zVHkPYdDQJM1Zg1NLqGtvlhN-FQoy9vb0-g0Ee770jUHdtFQTATmBARP9vPwdJfwHkUt1S6P-D7kntJbrFLzB97HG46qdGdGVo-m0bpWqjy7D16KQJC4&cry=1&dbm_d=AKAmf-DJplADc6J4axqGlBBB6Ixwp2g2pbRvvallGVXIRE8FyLKfJx8BAp7ytpG8V8BEV_szuYkQGyPzSZU-G6fPW3pWiO0QLirvq7aL1drKSHdIpsqAc60yL7Nf4CLgpGvFfSidG3WUSHeeSBv6JCKkugwS2xTP2AIE4aPZ08W0yWDSD9hAeGqv3R8VQBLtRHK57x-SjBAtAz3MXT1mJAJb8V7o4QcizCFtS_-eIjJMtfynS6DEneXazUxvr-friZSUaLb6Ufp4IP0EQR8L6M4Xr9RgXj-EpcoasHJU8GoKRuHEHPD0Rl7rA8YL7JGEI5c6AtzCzr3jF1vWi0FZVy_Qi1HhpOGlm9BK8TR1Q0YWlIXEanb3k5lXNhcfY-1MqriPObj56MnzL1xaJ3_g5C-uJPrmSBz2oB6_pvJ88JBRVuCRLZeE8HIQbPA0tP0lrK5gJY3F6sV0bjqIrWTxaX6UX4jj8wRKu8Gz7i8jAxWY89mKf7XqYg96V1wtZbbrNPtTXN_pbYoiO7Ft4lhoFbFuTt3uQawjGAvF9sB-TsxsadFUPtsunEm_ElzErmLACCvdbFLNvtFGmJd-l6zbPhAb4Wyi624-Nb3CwZOlNTxQsJvIeAE5ESzo4f-8cGN5dPqx4o3qDGoXAIenYT6sjv9rdHpHxKJtpRY2SB7R3ShDe9qSZQWxey9cQOrSlSpGnVNlrVEPDwpzGmBBTePgyjCSJW4phSTfFh9Yd0ZHHAugnOFKHDTGPdBmWIsYkrmUyvST17LPLR5wS8YoqL31RIZfZieu1RItF2kfP6go7W_LMGCkF-a4iWPIkQVbdLZ-WixM7lpxytrzATp9oVSVMBddH0csUnvhlWVenawyM-qT0b3yzDEoTuW8I3zh2lezmjqXhvr6QKxBNgrvqXNe0lZOM-i6HMp5dool7MhkUFHiC9BlE0w8FyO9epMSRFSzM_wIoU_DkHFB7dHuHppKF7UHY62jdOAB29o6W_8s75LuWEgocpVdW_F8XJZHtqK9q5TRnGxP3o6W1nBuZkX_gzI_l19RSCKpb8KSq2jYa8cCX9yqytWk45bokr0HPm3UGcgVUL-HTqVdYETI4CRav9F1NLfntORkO_3JAyZso8pgUoTkCvnwfw_wEyeFeuOhyx8wnXxfqqzQrxsrjHfjh8N8g7ftrf2gzlFUUwF7HR3Ynv_M9YCf_Prhp2Cquvw4_Wsi4O11zHKZaz2nl33dimsQDJbNT0QS81eUgKowYrXSLj7oVgF7pZGb-zKqD3tOXm67doOJynW9rBQWFZm9N7oHsz68BduoiIrYA_Q2e3XbGPhiVaxvRIcF9SYDDUkfOyOfuYyC0MhoHTiffNZxyKdsD518ChqKKSpqE1913zghWX_fLBMaRFbryTTtLxn0fs5dEgeqxhQjkWR0qu1e4RB4jqVerslCWMbJSZRzHPIQgtuNnVwinO4woA1NZp_pKKpYQTbLrhLheZztqbhWm8Hf6VAYZHhLGoWK7J4LbFcbgA6hA1nKWcbvqqI0-Q28-RPSb3jxUmyYKBm4NadwtcIau9PX8budGMzIj7IHq7pi6zKvNDl_AKK39j1DtE3bRG-Hs7p7LBMk-5d9m1SPRektFjeLDfp5PWxUTHjrK2I7XlWOBz7K3sqERAHUbRxmdVpmnCcgX42AmS8H99rezlObilOx65KGvdGN9b3_BdJoJ-I4KNstMMnoiNjWItxbq7aIPlYwdlk2ntohLUyl3KzG7qoEQeZV63Bhd2Z9vgbLQpkiEsrI71dRAvlpi70t4CS-xvcHaBs7CkY1xwJUpbfXG0nkeZitQDmW9J3AcK4_7RxzWEXEfuHHBATkc13udhvuJUig0Rl8iXvej0E6DOMJGb_EpdZxhbUCN3uzNKnUtJkHwz5LBaEDcUSQP9_eTUnHI_D_8IbGI-qTp2lHoQUBIaZrwMYnTZpXO5hQ8FLulCCKd_4rdtlQBRsH2ONm73WeP9sXBpkY0GLxY9HyQl0ZNjV8PbNfCJeCoDzqdsb4nTVHote17YDVXxWgMEhJlO3o1_dycYefsvaHP2CaP2xLSt2ju5aRS9M3GlfOAlrSXmo1dcOTmRnuRrKk2-QLYZOr0BpjEWKW34hAn8vPKA486HA7HArNKidnsyPgNdmgkLC69D1lRCGFxPsSDbTvfnACkrBqOxQA6weiUyOtMwoaZ_34DujXuj07E1zocFEjWpiP9PcmZ9o6ENDV0O8d6Ulo_oaDcC4KGeIJ1w8P2he1c4q0GH87Rc_6i51MAjgCEM5KYIyt21ROBLZ0PAPtDfDesiXdiEXgB_63HJwD9aK0Bjuowu53RsNz5_eOK1WQTr6g-ZN7TyEMwXOlFsx3DGWWFq2-kgs8ooo2fuhPWGCUkIZMK86uUB8F2IWN3sdcaoT5iMIdIyDEctvutm74J2PJDR7YFe6tMaNhzpN38DjkGB_DKvuga0zxcgT52MNKZe9MvbvdWP66pVQNoH9bWGJhKVMHyYQP8jZIDBIPoQqKcoglkVB519C7nVD-GFLmnLWtmvcho41M4_iEzKQ5GWUaS_v65e03l8BTt5_Qz7QK4gGkXGPIhlfysHai1rZVcparbvDS7PbP_V_gltz4Voxv1e_Q8ltM7eOAvac3Arm_nqBOUR3wnUQYripewL-GDFbBrmxCSyOmg2vQtPU4BgNOW7bNAYPMzto9Zg_eBbQrRupFwMiIcPneKxLI4XlOKFLauUNgaspj6mmtQQ0AxSG42grMheuJxgHR91tNPRpsek9ELNzQT6US0Ndj-HVMBvZUCQxut111TS0pvMxlb-T6CvYPpWAJ1EE7s04nNaLXT6HqPyGDbyjOwK4lxZ6C4TfmsKCU24_3-MgW9eM1Wrg0TQaQ1dWmDkraZSW06QiExl-j4XL6daTPYNsjVHmkpb5p_Ybe9y3b2Xx2leSEqpTlgz85eiy11zPqKxHvbvqmA5PaSVxILVylURFO7WmkEhEM7PDHsyET5HG1ODKA4B_lChP9ElyiYjm3t3NNDdDfnrSM38FTrGtEMQYuLHz73o8H5EA4CjBIwjrA9f_rsIUBizUVUcMTT9ynn0RgbtMnBxof46tzmZNndm1NvpdQfY3uK6CIpcJ_7skxwUrIdDllQYhBmxhh0KU96fwBRbuNvDLdhkT-AfCy66nTFbbuuAApwgeh4HzhO_ORlyC1j0nhhMMGMpxg&cid=CAASBORoTh8&rfl=1%2Chttps%253A%252F%252Fceoemail.com%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3559689700523dfef2ce6608c1ad00b50ab5494669d5fe2f87aa2ecccdd5efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B28450931.344493821;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=2923430905;ord=jlngup;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2-KwGrdYY5elLpXlgAeGuL7wD4X0_PRs8KGWy6U... Show response
ad.doubleclick.net/ddm/adj/N34506.984338AOD.CO.UK4/ Frame C63D 11 B
547 B 159ms
63ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N34506.984338AOD.CO.UK4/B28450931.344493821;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=2923430905;ord=jlngup;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2-KwGrdYY5elLpXlgAeGuL7wD4X0_PRs8KGWy6UQv8qivcABEAEgydCDAmC7hoCA0AqgAf6R9PQoyAEJqQI-R0dubjKzPqgDAaoE2gFP0MR_MxKeKif_hm6Ui9DOhu8cWHXSATgbaaIM4FMTwTGF5zpJF_GMLeDvusy6eDra_E5JynFzY5I148quGuwJhnar9PrNSpAMR5Yr4VL0RLavCeXXGjbKnztfC-DR7eIxqeXh56S8sB1v8YufFCzjXb0C3EQxc3hJVIzQvfZa_BChg20szrGjr3Gkucg1DMwgN2DFYdL-t3S0nLkeGnSsyIBCPqp9GS3Rq3ps9je7-J7Rqd7TZirizfM6WOnywD5nbJNBitYPj2sNjbnZ7IJMzZNCoZrd61Vt28AEv4SPlYkE4AQDkAYBoAZNgAf-ycTUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATz9K9ENATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORohV0%26sig%3DAOD64_3IhEaPRFL_YjvvJVilqEhBJkn2bQ%26client%3Dca-pub-0390685968784255%26dbm_c%3DAKAmf-BC0_5Ys3EVA4VvSxBkwMvYxttITtTwfI4FO81TuqtWtfRt_6bCqx5HXLsL3dLgQNnk9HSkgrdfnHYdRmKDv1-jq5TNE4S_HwdSii5-Cynut9SJB0VP0-GaAWnubEnPAtmRDVCgk-bRCZOqhy97WE0-xSlaYkacnoSrgnEa1zrXc9LRvHY%26cry%3D1%26dbm_d%3DAKAmf-Cvc9tmTpJB5-JjWzpzPBLPdl5WJtj98oRvKaZ9OA8PnQuOxZQVzzRi-7hgAkq9cDd8BO6kV_sWKe5n5pxh8uvEEaENUcCLEam6wVsFMkj43LwaOOEPNDkaa36gxIikJKzy3gLYitqoBPlNDVuGXSGFOyVL8YR40VE7BdvQJPcnrIOyRJuQCOdlCCZ3uVgbg4F73cV75-RX0bGHs-eUcidUEVgm8NRPjqBMcDbDIf-JHC1ro98M5fpSz96LfVqQQE7ckpFMNhNXs1Kq3qpT2o1petAzImX8bl246BNslmjKdWR2GxPo8U2VYKjhig8f_Jhwmb9w2t80wldO-lQiPR6yaWT0tah6olV4TrXCP7aIxkrwT6-dbf8ngrIehWihl0C4Ib2csE3FXd-boU-NEYiE_M97q3X0TBL2J_bdZsUzf9cDbD_LTEW7ndsZIYU3sLCk4hIVfqg3x5JyxDfnoEfKt33n66BR8IBEYMadIpRf4VioepS0M_HJ9UI3X7hvuSDGZfYUqttE5AZqw3j0HH1hZbrOHAPk0peGKQia2i7UOlyP-5BKP8dWZ3uY1RSFEp6AHefU%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fceoemail.com%2F$0;xdt=1;crlt=l6cxj(FP-A;stc=1;chaa=1;sttr=153;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4954 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 03:48:28 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BFF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNVX1F0AONz2C_XcXM_0GDcgm8oDfVjeqgoCUPMbqZPxkzdtzMOnQQNroxzw8t_WeFbbIjUMAOPjnDEWilzp2odUzkRu_4IyJ7XzfjzJkhj7Se38qm1atwp93YasEf4_pwo9Fgou8eSrRfYAyNDAkYJ8jvIAzbUy4ZPfJlJ0y5SifKr3yoU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BFF2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1i3G3mopil6zmXFALPQ8wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNVX1F0AONz2C_XcXM_0GDcgm8oDfVjeqgoCUPMbqZPxkzdtzMOnQQNroxzw8t_WeFbbIjUMAOPjnDEWilzp2odUzkRu_4IyJ7XzfjzJkhj7Se38qm1atwp93YasEf4_pwo9Fgou8eSrRfYAyNDAkYJ8jvIAzbUy4ZPfJlJ0y5SifKr3yoU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENYeCqEN4gdbrmcOQVvpIls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BFF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEElfWjB73WQLDDF4qVpeCI0&google_cver=1

43 B
1020 B

34ms
34ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEElfWjB73WQLDDF4qVpeCI0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3jLRDRwJb6AxjJyq_TATAB&v=APEucNVX1F0AONz2C_XcXM_0GDcgm8oDfVjeqgoCUPMbqZPxkzdtzMOnQQNroxzw8t_WeFbbIjUMAOPjnDEWilzp2odUzkRu_4IyJ7XzfjzJkhj7Se38qm1atwp93YasEf4_pwo9Fgou8eSrRfYAyNDAkYJ8jvIAzbUy4ZPfJlJ0y5SifKr3yoU

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
AN-X-Request-Uuid: 66ef3e5a-7423-4706-88e5-5358644a475a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEElfWjB73WQLDDF4qVpeCI0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 04:27:08 GMT
AN-X-Request-Uuid: 4b4737fa-3be3-4db6-91c6-2285da79821a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ1MDAzNTU2OTkzODA1MjIwMQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B06B 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYUmyDpllV6mDty1vsDM92WuB3fWGifBgaV4rnIGwN-P9BioRSt1wFL2EPrH9zVHkPYdDQJM1Zg1NLqGtvlhN-FQoy9vb0-g0Ee770jUHdtFQTATmBARP9vPwdJfwHkUt1S6P-D7kntJbrFLzB97HG46qdGdGVo-m0bpWqjy7D16KQJC4&cry=1&dbm_d=AKAmf-DJplADc6J4axqGlBBB6Ixwp2g2pbRvvallGVXIRE8FyLKfJx8BAp7ytpG8V8BEV_szuYkQGyPzSZU-G6fPW3pWiO0QLirvq7aL1drKSHdIpsqAc60yL7Nf4CLgpGvFfSidG3WUSHeeSBv6JCKkugwS2xTP2AIE4aPZ08W0yWDSD9hAeGqv3R8VQBLtRHK57x-SjBAtAz3MXT1mJAJb8V7o4QcizCFtS_-eIjJMtfynS6DEneXazUxvr-friZSUaLb6Ufp4IP0EQR8L6M4Xr9RgXj-EpcoasHJU8GoKRuHEHPD0Rl7rA8YL7JGEI5c6AtzCzr3jF1vWi0FZVy_Qi1HhpOGlm9BK8TR1Q0YWlIXEanb3k5lXNhcfY-1MqriPObj56MnzL1xaJ3_g5C-uJPrmSBz2oB6_pvJ88JBRVuCRLZeE8HIQbPA0tP0lrK5gJY3F6sV0bjqIrWTxaX6UX4jj8wRKu8Gz7i8jAxWY89mKf7XqYg96V1wtZbbrNPtTXN_pbYoiO7Ft4lhoFbFuTt3uQawjGAvF9sB-TsxsadFUPtsunEm_ElzErmLACCvdbFLNvtFGmJd-l6zbPhAb4Wyi624-Nb3CwZOlNTxQsJvIeAE5ESzo4f-8cGN5dPqx4o3qDGoXAIenYT6sjv9rdHpHxKJtpRY2SB7R3ShDe9qSZQWxey9cQOrSlSpGnVNlrVEPDwpzGmBBTePgyjCSJW4phSTfFh9Yd0ZHHAugnOFKHDTGPdBmWIsYkrmUyvST17LPLR5wS8YoqL31RIZfZieu1RItF2kfP6go7W_LMGCkF-a4iWPIkQVbdLZ-WixM7lpxytrzATp9oVSVMBddH0csUnvhlWVenawyM-qT0b3yzDEoTuW8I3zh2lezmjqXhvr6QKxBNgrvqXNe0lZOM-i6HMp5dool7MhkUFHiC9BlE0w8FyO9epMSRFSzM_wIoU_DkHFB7dHuHppKF7UHY62jdOAB29o6W_8s75LuWEgocpVdW_F8XJZHtqK9q5TRnGxP3o6W1nBuZkX_gzI_l19RSCKpb8KSq2jYa8cCX9yqytWk45bokr0HPm3UGcgVUL-HTqVdYETI4CRav9F1NLfntORkO_3JAyZso8pgUoTkCvnwfw_wEyeFeuOhyx8wnXxfqqzQrxsrjHfjh8N8g7ftrf2gzlFUUwF7HR3Ynv_M9YCf_Prhp2Cquvw4_Wsi4O11zHKZaz2nl33dimsQDJbNT0QS81eUgKowYrXSLj7oVgF7pZGb-zKqD3tOXm67doOJynW9rBQWFZm9N7oHsz68BduoiIrYA_Q2e3XbGPhiVaxvRIcF9SYDDUkfOyOfuYyC0MhoHTiffNZxyKdsD518ChqKKSpqE1913zghWX_fLBMaRFbryTTtLxn0fs5dEgeqxhQjkWR0qu1e4RB4jqVerslCWMbJSZRzHPIQgtuNnVwinO4woA1NZp_pKKpYQTbLrhLheZztqbhWm8Hf6VAYZHhLGoWK7J4LbFcbgA6hA1nKWcbvqqI0-Q28-RPSb3jxUmyYKBm4NadwtcIau9PX8budGMzIj7IHq7pi6zKvNDl_AKK39j1DtE3bRG-Hs7p7LBMk-5d9m1SPRektFjeLDfp5PWxUTHjrK2I7XlWOBz7K3sqERAHUbRxmdVpmnCcgX42AmS8H99rezlObilOx65KGvdGN9b3_BdJoJ-I4KNstMMnoiNjWItxbq7aIPlYwdlk2ntohLUyl3KzG7qoEQeZV63Bhd2Z9vgbLQpkiEsrI71dRAvlpi70t4CS-xvcHaBs7CkY1xwJUpbfXG0nkeZitQDmW9J3AcK4_7RxzWEXEfuHHBATkc13udhvuJUig0Rl8iXvej0E6DOMJGb_EpdZxhbUCN3uzNKnUtJkHwz5LBaEDcUSQP9_eTUnHI_D_8IbGI-qTp2lHoQUBIaZrwMYnTZpXO5hQ8FLulCCKd_4rdtlQBRsH2ONm73WeP9sXBpkY0GLxY9HyQl0ZNjV8PbNfCJeCoDzqdsb4nTVHote17YDVXxWgMEhJlO3o1_dycYefsvaHP2CaP2xLSt2ju5aRS9M3GlfOAlrSXmo1dcOTmRnuRrKk2-QLYZOr0BpjEWKW34hAn8vPKA486HA7HArNKidnsyPgNdmgkLC69D1lRCGFxPsSDbTvfnACkrBqOxQA6weiUyOtMwoaZ_34DujXuj07E1zocFEjWpiP9PcmZ9o6ENDV0O8d6Ulo_oaDcC4KGeIJ1w8P2he1c4q0GH87Rc_6i51MAjgCEM5KYIyt21ROBLZ0PAPtDfDesiXdiEXgB_63HJwD9aK0Bjuowu53RsNz5_eOK1WQTr6g-ZN7TyEMwXOlFsx3DGWWFq2-kgs8ooo2fuhPWGCUkIZMK86uUB8F2IWN3sdcaoT5iMIdIyDEctvutm74J2PJDR7YFe6tMaNhzpN38DjkGB_DKvuga0zxcgT52MNKZe9MvbvdWP66pVQNoH9bWGJhKVMHyYQP8jZIDBIPoQqKcoglkVB519C7nVD-GFLmnLWtmvcho41M4_iEzKQ5GWUaS_v65e03l8BTt5_Qz7QK4gGkXGPIhlfysHai1rZVcparbvDS7PbP_V_gltz4Voxv1e_Q8ltM7eOAvac3Arm_nqBOUR3wnUQYripewL-GDFbBrmxCSyOmg2vQtPU4BgNOW7bNAYPMzto9Zg_eBbQrRupFwMiIcPneKxLI4XlOKFLauUNgaspj6mmtQQ0AxSG42grMheuJxgHR91tNPRpsek9ELNzQT6US0Ndj-HVMBvZUCQxut111TS0pvMxlb-T6CvYPpWAJ1EE7s04nNaLXT6HqPyGDbyjOwK4lxZ6C4TfmsKCU24_3-MgW9eM1Wrg0TQaQ1dWmDkraZSW06QiExl-j4XL6daTPYNsjVHmkpb5p_Ybe9y3b2Xx2leSEqpTlgz85eiy11zPqKxHvbvqmA5PaSVxILVylURFO7WmkEhEM7PDHsyET5HG1ODKA4B_lChP9ElyiYjm3t3NNDdDfnrSM38FTrGtEMQYuLHz73o8H5EA4CjBIwjrA9f_rsIUBizUVUcMTT9ynn0RgbtMnBxof46tzmZNndm1NvpdQfY3uK6CIpcJ_7skxwUrIdDllQYhBmxhh0KU96fwBRbuNvDLdhkT-AfCy66nTFbbuuAApwgeh4HzhO_ORlyC1j0nhhMMGMpxg&cid=CAASBORoTh8&rfl=1%2Chttps%253A%252F%252Fceoemail.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:59:38 GMT

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame B06B 61 KB
23 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 14:40:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 599D 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 83129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B28450931.344493821;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=356101039;ord=43i8qn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzawRGrdYY5ieLtWTgQfT5KrgCoX0_PRs8KGWy6UQ... Show response
ad.doubleclick.net/ddm/adj/N34506.984338AOD.CO.UK4/ Frame B06B 11 B
81 B 63ms
62ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N34506.984338AOD.CO.UK4/B28450931.344493821;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=356101039;ord=43i8qn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzawRGrdYY5ieLtWTgQfT5KrgCoX0_PRs8KGWy6UQv8qivcABEAEgydCDAmC7hoCA0AqgAf6R9PQoyAEJqQI-R0dubjKzPqgDAaoE3QFP0MBb67DCvOIXBpV5VRLbyyGHAHdHfzCEYNokXdjCMfF-jBC0m2qt_XlnMC6QlUd3TtHvux0iRpFAOof7fMkl8H4xYyvFQK3xuepvlFLpq4zDLnfqqg7htoDwhfjTluHtJPmUihlluDO3tad3hihYb32VPDdo_Mv56U3JyynRlOLuA0xkQyWm2w1G_gVIwFrRejnNnaGdbQsVOU-2BGqAZSVd5grB2fgJEZGCNz8j764YErZlFB4R6J4bVPDNmtrpErgcypcCltTkk7qwegDDBBEivHY3rmq3LABj-sAEv4SPlYkE4AQDkAYBoAZNgAf-ycTUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATz9K9ENATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORoTh8%26sig%3DAOD64_0N8Pa1Bb5SjLLZxmUwUNm5o7e8Yg%26client%3Dca-pub-0390685968784255%26dbm_c%3DAKAmf-CPMicB31h3wv-uALhdsaaA3-hSTbPY___pRfIdMEVPvRjCj1w4jGUBCBEofMqYxMXRyrl4iN3BW8Q5jLR1QlLinb6OzKR6fTXkJV7pPM9q0UceKuID5e0OyJjlzNxeWohhEL-j2RTUxlZ3zSMU-x1LOUYxmBqfZf9E4UC_iQ8uSLP2UaM%26cry%3D1%26dbm_d%3DAKAmf-BsvxpTADgyBY2BBgRhbZ9fCQGu_H3MC9Ffvz3R9KYpKwyoDkBWCbtg-USnUuVekVfhBxzX7WTfrRNJnr1oFHQmNkGton6XAltcD_7zju41Ki0IM-lUJGvvW3PPrwvRUxPXxuduzOvseaE28k_KG8gyeqYlvrcuZ5iY7db80xgX28x0UbZI5fKRxMPX6REqtelVgc5PFTeSevxH50QjKSpku3WD8CKY2Co5o_Bo0WT_LaPKuU6VPSoqkqiYwrHK2Dj_aRDDZVlPuUFRIW--rEGj8QrsgNHwsNH6-WbiDkJpowns3KDR9tQpEBAwpAnqkGDlJd_r-Gan4-SJpfIkwKvZ1pJ3NjPDSw9ZzU7_LzJcN9gJ_3l5aQUftorCZj2yrI1qEr8lfqcCrhe4sDNpNZ4TOrzZi3a7upAQ_biI6ZWBghIgG4szIj11EjQV4Qcb2uk5uyS5fNCUwYGEzBZ7NYckenWNL5dKFmmyCbSQq0fPoRuCj3pEVQ_bRrc_dccnm3ZNLpLB2ZLqud4i9xvIe_F8nl1WkEZKkKV_CrgnTAT6DQMFeL4g6rXm5JoKsK-6KeI6ytii%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fceoemail.com%2F$0;xdt=1;crlt=l6cxj(FP-A;stc=1;chaa=1;sttr=69;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame C63D 195 KB
60 KB 175ms
52ms Script
application/javascript 2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1168538/65619267/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 624114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 00UfZgNHNDv4OCFymDr9YICiotvBEZRuLwr5I0ozOSh-sGiIcf5Lkw==

GET
DATA 200
OK truncated
/ Frame C63D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81a4739b78e8af641e7ffdd2b0241306c3e49b7b94ae0123f6c4cb3a6fab419f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4954 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC0aJG7dYY574Lbq-9u8PqrO02AkAAAAAOAHgBAI&bg=!EBOlE1fNAAaaxvStusY7ACkAdvg8Wqpkk7YsYXIKZAZcC9HFKuIda1Wx2E5kSK1Msp8TKTltQTDN0gIAAABWUgAAAAFoAQcKAAvRsvR9tnRb8xdLh5kC0gXZ6vYS2EUR9vWHPC4ryxGKSVEEDViseTUW8H1JjnVFyU_MoyG2fp19RIRs1026g_3ruiI-p0VC0tLI0jv42Jpkhp07gAuyck6DGXRe6lKuuDmKK5hs9sUo3x4NOOD1kvSHJ8eLCL3mzjHFw1-Hbjum_YQ-M1OIObJlwId-sRHh-nS5G1Xl0IRJbgA_6JAYx6oYgka0ZlWyaoUkSsa5qJvAUwn1BZZtjDY6wPQXc8jjgUdvM3TJBn-ExvWJ3bqBi71CUyB0bqUuG1wYlMZ3fCwZjJBPBjU1Ncaf3Hg3llSKlkZajtYgcvMNz-M20I-sqckgMbJJBV5VWdLr_bXYPFhXqOfSL8ZUrlgxP7WFffFH_gq_5uPHs26Dqw57CTojRWgEVulE5lMYUvZRoUcnm8AaEfEugi5a7qw_TflYh4utCT6EuLY2ZE2CbMugC7JzyCUtkRWb8vKe_D4Lw2aSXFVhpMHot-L-b0kBi-qxGk4xePfhScHrY60WrsIO7z1w7WaT7IBahsrNL3a6ORUloNQ_AiRGi4yjXo6x0hfj7DZ6rxI0Dughu2h73_GAiujZIIjEmJVA86izsjw4nQhgrVs4bz9RtE4lgEz-Tj7ruyTQLjdZRJbTw2Ji7qruVali5Xj1XMhwtAEhH7gsDwZEOPSK3Nxtv_n-JktsO0D_Y-R5l2JR-f95J7tItTWVycqBq2cyGBJ0cq6517X5Lj3E-7WEn_3EhlW-GKwc8GKghKQCT-w2aXE7NupoqWTPeCbWY96TyAzu55GVeeX9ysyqvwskXLzPFDpk1x331JVrGxJz22r-1uV6hmIbK2ze2JBXNKHlnxFpC0X7okwAo6lJJc63vtheGmh3UiDeQlPwTPA8TA8M7LCHyFh2BlI6XPsVFZHRvESzNXnf_xqRZ6ByAO-WWwLMhORFiVGuwdemGBOCIctOphnlK7j77a2OGyTAHe9X

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 599D 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 03:48:28 GMT

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame B06B 195 KB
60 KB 178ms
107ms Script
application/javascript 2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1168538/65619267/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 624114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Bjab9mepWhO8pDrZ-H-7dTrg4dP3s4-EwaB_CwUPUEGC5HQYKUcIXA==

GET
DATA 200
OK truncated
/ Frame B06B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19385ab7c5ea40bf75f6a63334fc1a050f5d886b0ea239d5fd698f6fba82fd2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 599D 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7EK6HLdYY-_4AdaTjuwPt-SQCAAAAAA4AeAEAg&bg=!Q0ClQATNAAaaxvStusY7ACkAdvg8WjLIYAqSbt4rWkVrZbeT1hhedgSxz8imNLsYaFR4aazicMSy-gIAAABZUgAAAANoAQcKAJZySxUxOCPCzDv5ezL55UFaZ07SBXnIM7BHbTxpXLhTDzk0Ss539ZpETytpRP7CnhBQMu0FfjTWb_2TMlj5PD0duvEPO6l3MdvO3fec9mfpcDgrctlNqpcGib1o83gfo4ASbnqNrgpjO4rY2Xo9MaojYfeTBSVYz4Qk-yAiDvzTnIGjPb15DQyKUGkDVegNywnisNXI3nyZAsow88DaKQeNJpT7E8HZquGSyXL8Ucp5mFTRuzhMC_XIX9adllMT1SFkudygeAoZBgwa6Nx2G-i9G7MWbwK307oXy-4y-CBAYr9jUCf0rFFKW1YNEMId6ejsM7VCMFcxQnoifxzfmtbyUrV-sS-BGCDA5mHJJuPCNd2clHSHvN_kMZMF800rehv-WtI5_-PMFK0aWhX9fFvUOQXHiabG9py9q_ESsmhOGVwx-irfcVQkYJhu9XqRKytgIDi94kF77OwO0zrH6uhQO7DPg-FJeNyLLOjjxm6ptAFzQ81aB0B82ISoUK1GjJV5zT6LAnp3SSZ8UuYFNTn-hXHzeRxPKP9L--_lJpZeXXmf329YitSrJbxE30UflqYsnFA_JvP1WGzoW1YtJ6xqV3WBTrPk7MBgwatngBswbt9R5ecX5W9TKO0GatOTZw1wNVf_sLyBONhiUBgDLCyVyfWOvm1sRGRGmWBNqJwZ9czBdf2xfta47sHDOWYOtariB7557UFdaC7vRzYKw7N4e8cTElUPb9a2AybdFnHT5X2iNXYAd3sD4WWghT4Vpfu-NfLn0Z8rB6pfy5Nf0VqG4_4iIP3sHygxFYFofuUjpQBZzBkPd16uR69_6DGAEcZ9ONNVorB2Zr14Nbt7xdTYNsgnMzCTvbMdHw69czljK-RVj_LVH0wTg22lneFHjPAgkbnVd6UazpVJQcIdOV1C2j0j9gu5ktJzr8SYuOdiVa3OEdSH4MIjr3r7QLiK5VpekCG7aKzy1zVnHqYBsQlZLmgE30cxehgLWyL2DtkMF15RAV8N753UmQPH8waMBf5J9DfQbSUY8v3V6u8gFEnqCFtpBgjFbhE2vPMjmGCfb1QWXba4GmnF7d-ek5FB0GnhMDn-mKWj2sEkffQLciZVKrgQW1jEHufs8Iwnw4__ek0JSci_UZ8Qpx9EsHbbSmQAmws

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame C63D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1168538/65619267/skeleton.js?adsafe_url=https%3A%2F%2Fceoemail.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fceoemail.com%2F&adsafe_type=e&adsafe_url=https%3A%...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

50ms
49ms

Script
application/javascript

2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 10117569
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: lD2pR87rzrshpOdxGJKwAFDIfWBr5VFLjIhRai51PfIKYqf8wEmXgQ==

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame BC53 91 KB
23 KB 48ms
48ms Script
application/javascript 2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 2983851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 1K6uj_Yfwukt7t233YPZOQg8e4dbnurjDKzQPmp8MYalhCFjC6BI8A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 452ms
130ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSCY,pingTime:-3,time:290,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:266%7D,%7Bpiv:0,vs:o,r:l,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:290,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 448ms
131ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSCZ,pingTime:-6,time:292,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:292,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268%7D&tpiLookup=ao:ceoemail.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 570ms
256ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSD7,pingTime:-2,time:299,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1056,bdZ:1279,beA:1513,beZ:1514,mfA:1760,cmA:1762,inA:1762,inZ:1767,prA:1767,prZ:1772,si:1780,poA:1781,poZ:1799,cmZ:1799,mfZ:1799,loA:1804,loZ:1808,ltA:1812,ltZ:1812,mdA:1514,mdZ:1740%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.604,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:266%7D,%7Bpiv:0,vs:o,r:l,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:299,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268,sinceFw:30,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame B06B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1168538/65619267/skeleton.js?adsafe_url=https%3A%2F%2Fceoemail.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fceoemail.com%2F&adsafe_type=e&adsafe_url=https%3A%...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

44ms
44ms

Script
application/javascript

2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 10117569
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: PQfzKe9XSuYH0Q_V9o8BMewOUbJpYlC9axwqsfiyRTJvqgsqo4Es8g==

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5069 91 KB
23 KB 48ms
48ms Script
application/javascript 2600:9000:2451:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fd7984f542db60e1fdef1a18277aff76.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 2983851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: sF5XF4CT9oaN2zqGKtiHcTrowwX2j_5F4zfox-pw9sXSXY-pwGh_Uw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
216 B 416ms
129ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSDx,pingTime:-3,time:271,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:262%7D,%7Bpiv:0,vs:o,r:l,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:272,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavli+11%7C12*.1168538-65619267%7C121%7C122%7C131%7C132%7C133%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 415ms
130ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSDy,pingTime:-6,time:272,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:272,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavli+11%7C12*.1168538-65619267%7C121%7C122%7C131%7C132%7C133%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263%7D&tpiLookup=ao:ceoemail.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 538ms
257ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSDD,pingTime:-2,time:277,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1355,bdZ:1400,beA:1587,beZ:1588,mfA:1845,cmA:1845,inA:1845,inZ:1846,prA:1846,prZ:1848,si:1850,poA:1850,poZ:1857,cmZ:1857,mfZ:1857,loA:1859,loZ:1860,ltA:1864,ltZ:1864,mdA:1588,mdZ:1798%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.604,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:262%7D,%7Bpiv:0,vs:o,r:l,t:271%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:277,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C12*.1168538-65619267%7C121%7C122%7C13.1168538-65619267%7C131%7C132%7C133%7C14,idMap:12*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263,sinceFw:14,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 469ms
258ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSEK,time:400,type:e,im:%7Bimprf:%7Bttecl:832,ecd:107,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:400,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C12.1168538-65619267%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268,sis:375%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 436ms
257ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSFh,time:379,type:e,im:%7Bimprf:%7Bttecl:587,ecd:91,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:379,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tllavkq+11%7C12*.1168538-65619267%7C121%7C122%7C13.1168538-65619267%7C131%7C132%7C133%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263,sis:354%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426461&bpp=3&bdt=259&idt=161&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&correlator=817162331414&frm=20&pv=2&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dzQCA5QZEa&p=https%3A//ceoemail.com&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 223ms
222ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSIJ,pingTime:-10,time:647,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666758428821%7C%7Cc1dfca4bf6dd4b4385b4f9719fb1e228%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C0ff0d77f47a68ef54b67988788887094%7C%7Ce5a2b08e6664c04c6edf07bc5d4f3f55%7C%7Cf8cac4fce8e00951b003f127a0e6a8cc%7C%7Cc60c23e30b7adf51e9bf2b017df6239a%7C%7C1a361ad9f54e5520e26be2045e0dc198%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1666758426&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666758426464&bpp=1&bdt=262&idt=194&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=817162331414&frm=20&pv=1&ga_vid=417697630.1666758427&ga_sid=1666758427&ga_hid=405246216&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31069973%2C31070467%2C44775017&oid=2&pvsid=1279289477835541&tmod=430386591&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rKccgCAMNs&p=https%3A//ceoemail.com&dtd=196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:08 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 137ms
55ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

338927df1378ff97b9d4891e42f25d1135cc60473debb536e650193c1be75fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11209
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 04:27:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FE2 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 26301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:08:48 GMT
expires: Wed, 25 Oct 2023 21:08:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9B5 783 B
1 KB 140ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a8c56d41892eea09725a9c910fb3a4297e753701db72656e9df14cd144fb5f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OMcTEfLiiaXkoaRzHXbtng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-OMcTEfLiiaXkoaRzHXbtng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 04:27:09 GMT
expires: Wed, 26 Oct 2022 04:27:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FE2 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 03:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 03:48:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FE2 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xiZejg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 04:27:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9B5 0
0 75ms
75ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=1279289477835541&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSTl,pingTime:-10,time:1251,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666758428821%7C%7Cc1dfca4bf6dd4b4385b4f9719fb1e228%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C0ff0d77f47a68ef54b67988788887094%7C%7Ce5a2b08e6664c04c6edf07bc5d4f3f55%7C%7Cf8cac4fce8e00951b003f127a0e6a8cc%7C%7Cc60c23e30b7adf51e9bf2b017df6239a%7C%7C1a361ad9f54e5520e26be2045e0dc198%7C%7C1663701684,sca:%7Bspg:8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B06B 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszyWsDrk1X8GsqGJc1P3Z-XHk5EpuQFFaMv7yPRMxstzGkJ4aFBx0Oa2DuNDyT_h0izf0N_Sk4-z2Ip6qXUPveM7hjgkTYSm3pPxXVygfvhouiFAnWfSD8wX7ytulQaO1JBmr1Dw&sai=AMfl-YRzCrpihMbH_MlIKk1H5Yy-w15rFfadgOXSSgL8n8Y7_qycbtbfpWZ1PY7KGocU-ghnlHkaM9G2ndnpogI&sig=Cg0ArKJSzCgDapzUMUMYEAE&cid=CAASBORoTh8&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=4205943629&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666758426641&rpt=2115&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C63D 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG9kd-9JUmEEHakZEOXh7X05sLnlYtGSyW8IWjywc-0YUWJy5MCQQSrG8Dj5m5yFlaNhcTlLrkNxC3HGpRzqs569O-AumuaWQceGzeHo4rYpiaprtpvcEQK0YWQXBh0drXeXzNSw&sai=AMfl-YSuhhVAuVt-J6R4wQ3cbqZ1H1CsGXChj-iqXhl_thykr3McqcksQ7rNPs1xWV8UutOt5rpmCucF3odQcZ0&sig=Cg0ArKJSzKroyAeLtoj4EAE&cid=CAASBORohV0&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=4205943629&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666758426661&rpt=2113&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSYb,pingTime:1,time:1551,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:262%7D,%7Bpiv:0,vs:o,r:l,t:271%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:550,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B279~0%5D,as:%5B279~160.600%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:131,fm:tllavkq+11%7C12*.1168538-65619267%7C121%7C122%7C13.1168538-65619267%7C131%7C132%7C133%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B06B 43 B
215 B 132ms
132ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=35285be6-d353-72c8-51f8-20b235f7fa54&tv=%7Bc:s7xSYc,pingTime:1,time:1552,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:262%7D,%7Bpiv:0,vs:o,r:l,t:271%7D,%7Bpiv:100,vs:i,r:,t:550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:550,n:271,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:262,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B12~1%5D,as:%5B12~160.600%5D%7D%7D,%7Bsl:o,t:271,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B279~0%5D,as:%5B279~160.600%5D%7D%7D,%7Bsl:i,t:550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:131,fm:tllavkq+11%7C12*.1168538-65619267%7C121%7C122%7C13.1168538-65619267%7C131%7C132%7C133%7C14,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:263,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 148ms
147ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSYo,pingTime:1,time:1618,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:266%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:617%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:617,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B328~0%5D,as:%5B328~160.600%5D%7D%7D,%7Bsl:i,t:617,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tllavkq+11%7C12.1168538-65619267%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268,sis:375%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C63D 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1168538&asId=8bb7fc26-b0f7-6aa4-3d7d-5ad61d400228&tv=%7Bc:s7xSYo,pingTime:1,time:1618,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:266%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:617%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:617,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:266,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~1%5D,as:%5B38~160.600%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B328~0%5D,as:%5B328~160.600%5D%7D%7D,%7Bsl:i,t:617,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tllavkq+11%7C12.1168538-65619267%7C121%7C122%7C13*.1168538-65619267%7C131%7C132%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:268,sis:375%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 04:27:09 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=1279289477835541&bg=!g4ClgMTNAAaaxvStusY7ACkAdvg8WgfzRqg-yuYbVeIX6utSQmwlbCBdek03d4w_pbT9F3S-Dz3yHAIAAABHUgAAAAtoAQeZAqZTYLgrIAwmYQo6LBD8LsKJtFpgSyR7nYB3TFEt04ckxCvQ2fSoumnPm5Bgw2XLxUBJlRnMBQEkiwFHYo5u4qUvzUxnu0GTCvo9sapkaxr0WI2BylxbMCi0JbKgEKQRnarlHdpnLLM4QWHIADGZQr5yqF1rBA4ZxQab6gaqxXPtz633C6IAAQi_C_2Vl6uN2TTCYrbxZ2NiAJkDUm6LqotngLdxZUBWdge02SbFBrBvppvWjYww9bmtYRTi_h3gKai6AKB3AU_wnz--aCpZzBvlyLFpOFox1zl-FE4DkI315n3BlL-MVWJ7NC6UOHh3Oi0MWTE0K8KYIBOZWuRB0PrwFtpH6wpSzfZt6VRekkBd4uk0YxMvzeNUm4bfCbVePR992KmgMCuH02PrOyxgtQk3mxC1esQGEWx_fFGE2RutONIswGGA_ckFCpubsYKhSfa-EqeeO-O9GcOjgCAZwpMDU4K6Jj5HHNbb5LpnAJ9jSyRfQguk8BllPWTs3y8H2AGeE8sHnpNQ82tZSkekO-YcRKJCT1KmImjDvd_0RpsheLGoCzecmRIgH4npO8OWzKm-OfNf-wb07lVy3ew7XQjLYNkkF5gpWno1y9dDyCAVxLQ1q-KU07R0Iim5TDmJpwoKJR0tPcdWo5oG-q8HYETf-bwyyyK5q8GoFxyVoIeNy_Bwl-9wgS5fCaXQHvuR84UeQyqxER9Jg9TrYp03T7uDtiliAlZHkrJ3JgxQ64PJb1OjWFDGTUzW4LaAtNmDk0jIHIS_Zwn9AMBa0oYpPQZ-O71Sdw_XKFH5f8hNa9NfObEdOc34xNdVgsllZ3IwWJBu6baZahxu7LCwzev_llKKNSaR8btTJS2XidMzAA90cGIqYMXmTr0obPouV3Y4VfCSOXCUPU0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ceoemail.com/	1970-01-20 16:20:54	Name: __gads Value: ID=2edb43f0b084ffcf-2239d27f55ce00d9:T=1666758426:RT=1666758426:S=ALNI_MaMhe-LtK4Ke3Iv3Hhd3JnR0Fh2DQ
.ceoemail.com/	1970-01-20 16:20:54	Name: __gpi Value: UID=00000b7872fc27f8:T=1666758426:RT=1666758426:S=ALNI_MYfDcOKeGsVJnvF_XYpO9TWzchl7w
.doubleclick.net/	1970-01-20 16:20:54	Name: IDE Value: AHWqTUlIG7skU5dFmVZrpioBI-VGghDXNv3DY2t6jBuZGDV10Po1Rs34k4_rAR6vCxU
.adnxs.com/	1970-01-20 09:08:54	Name: uuid2 Value: 3450035569938052201
.casalemedia.com/	1970-01-20 09:08:54	Name: CMPS Value: 1113
.casalemedia.com/	1970-01-20 09:08:54	Name: CMPRO Value: 1113
.casalemedia.com/	1970-01-20 15:44:54	Name: CMID Value: Y1i3G3mopil6zmXFALPQ8wAA
.adnxs.com/	1970-01-20 09:08:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVThM(fZ!]tb)8i_iqf!oN/@E'zz<Z0Qk>=8?248R!s6E)6L:Tu^d$mj>FU21rnOddTD._*PlZ[C[-kX-8qd_6
.casalemedia.com/	1970-01-20 09:08:54	Name: CMTS Value: 3284

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ceoemail.com/ceoblank.php?r=b Message: Mixed Content: The page at 'https://ceoemail.com/ceoblank.php?r=b' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ceoemail.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
pagead2.googlesyndication.com
142.250.184.194
142.250.185.70
185.80.39.216
185.89.210.244
213.246.101.54
2600:1f18:1aca:4281:979f:b73b:1ee6:c9a7
2600:9000:2451:1400:8:48e:53c0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
54.77.210.17
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
338927df1378ff97b9d4891e42f25d1135cc60473debb536e650193c1be75fc1
342fdc91337297b955f28ae6a080c03f098fd30421119474694e7a7258a157fd
395935c74316e5d9efb7e4aba02009a692b94b75536a115142fa5adde45e48b6
412330a0b5334eebc5b643ec944366ba631c03c2eab57687df40c8c6e62b26ba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
694b70a44441d71ecb41b8d1e931af3b1ec0a421e805a109bda7bd73c5146096
6a8c56d41892eea09725a9c910fb3a4297e753701db72656e9df14cd144fb5f2
81a4739b78e8af641e7ffdd2b0241306c3e49b7b94ae0123f6c4cb3a6fab419f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ee757a762db05255b22b93942a25cbb6cf4a0cc2a066cddc39b2cb4a7355282
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a842ff2499db6da63a4111d7dea3f38d6287fd56df96a446f85bbfaf3a13d09e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3559689700523dfef2ce6608c1ad00b50ab5494669d5fe2f87aa2ecccdd5efa
b65297733b64719c8ea71e176ce97e0dcc6c46611aa5596b5ab8303727a910f0
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bc6f553554002b84016dd09f660e3a86eb051181541f3cc8f80bf780666e91a7
bccdd6a66b470d140ce9d1ba74fe0a931eef42d8878d5f54c7b3c7365830a5bb
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf73f2baa31540630a5ec72d2cb5c7a165584ea2f6c4a88e7251dcfda5334e04
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19385ab7c5ea40bf75f6a63334fc1a050f5d886b0ea239d5fd698f6fba82fd2
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

ceoemail.com Open in urlscan Pro 213.246.101.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

86 %HTTPS

63 %IPv6

10 Domains

16 Subdomains

17 IPs

5 Countries

720 kBTransfer

2068 kBSize

9 Cookies

7 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ceoemail.com Open in urlscan Pro
213.246.101.54 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

86 %
HTTPS

63 %
IPv6

10
Domains

16
Subdomains

17
IPs

5
Countries

720 kB
Transfer

2068 kB
Size

9
Cookies

78 HTTP transactions
2 data transactions