www.hidethisip.net Open in urlscan Pro
198.251.90.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fr.hidethisip.net/
Effective URL:
https://www.hidethisip.net/
Submission: On June 15 via manual (June 15th 2023, 2:40:46 pm UTC) from RO — Scanned from FR

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 57 HTTP transactions. The main IP is 198.251.90.20, located in United States and belongs to PONYNET, US. The main domain is www.hidethisip.net.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time www.hidethisip.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.36.122.54 54.36.122.54	16276 (OVH) (OVH)
1	198.251.90.20 198.251.90.20	53667 (PONYNET) (PONYNET)
6	2606:4700:303... 2606:4700:3030::ac43:96c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
57	15

1 54.36.122.54 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: fr-54.36.122.54.ipv4.uk7.org

fr.hidethisip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.251.90.20 (United States)

ASN53667 (PONYNET, US)
PTR: anycast-198.251.90.20.ipv4.uk7.org

www.hidethisip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::ac43:96c9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.serveuk7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	379 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	90 KB
6	serveuk7.com www.serveuk7.com	12 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	1 KB
3	gstatic.com www.gstatic.com	15 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	112 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 466	17 KB
2	hidethisip.net 1 redirects fr.hidethisip.net www.hidethisip.net	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	606 B
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2353	361 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	29 KB
57	12

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.hidethisip.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.serveuk7.com	www.hidethisip.net www.serveuk7.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	ssl.google-analytics.com	www.hidethisip.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s7.addthis.com	www.hidethisip.net
1	code.jquery.com	www.hidethisip.net
1	www.hidethisip.net
1	fr.hidethisip.net	1 redirects
57	15

This site contains links to these domains. Also see Links.

Domain
www.4everproxy.com
m.hidethisip.net
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.4everproxy.com R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
serveuk7.com GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.hidethisip.net/
Frame ID: 55E0B9F38BE2A0CDE6C75B49F93D7E13
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: DF7321F042D46CB4271980CF722F579D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&lmt=1686840042&format=336x280&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041893&bpp=7&bdt=534&idt=266&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=6679780105538&frm=20&pv=2&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faq8X82KOO&p=https%3A//www.hidethisip.net&dtd=299
Frame ID: 71A83D7ED20D6D9E76F09FD432B88957
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&lmt=1686840042&format=336x280&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041900&bpp=1&bdt=541&idt=304&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IKtPL0pYae&p=https%3A//www.hidethisip.net&dtd=319
Frame ID: 39B0CE0E32995E2FD19748A6ECBB59B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&lmt=1686840042&format=728x90&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041901&bpp=1&bdt=543&idt=320&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PYBxTPkKqR&p=https%3A//www.hidethisip.net&dtd=327
Frame ID: 300AA4D6587B27B1845C2BC477D94FA2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&lmt=1686840042&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.hidethisip.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041919&bpp=3&bdt=560&idt=327&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=339
Frame ID: 6191F767F90DF065CE1CF1CF17C403F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 059CCC1C78C07B399D090C7D7AE54483
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9383C5DDE34E2F1DA570C7DC0FD966A2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: D4B4BFADD37B077FCDEC15B54080EF52
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E9A934E673D09B25BD9274317196CB9D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D180C7EC89CFE37936BD0C1BA6B7E2AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: CF2DD40F419E3812E47933AB68C21613
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1022F7E4BA3D08C0AC84ECEDE1758D11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A295FEB35C6CE000AD3BF8C4A2FF7CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hide This IP: Hide Your IP Online | Stay Anonymous

Page URL History Show full URLs

https://fr.hidethisip.net/ HTTP 302
https://www.hidethisip.net/ Page URL

Detected technologies

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

664 kB
Transfer

1844 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.4everproxy.com/
Title: 4everproxy Network

Search URL Search Domain Scan URL

URL: https://m.hidethisip.net/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.facebook.com/4everproxy
Title: Like us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/4everproxy
Title: Follow us on Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fr.hidethisip.net/ HTTP 302
https://www.hidethisip.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hidethisip.net/
Redirect Chain

https://fr.hidethisip.net/
https://www.hidethisip.net/

25 KB
5 KB

6161ms
5937ms

Document
text/html

198.251.90.20
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hidethisip.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.251.90.20 , United States, ASN53667 (PONYNET, US),

Reverse DNS

anycast-198.251.90.20.ipv4.uk7.org

Software

Apache / PHP/7.1.33

Resource Hash

252048f97b95af2b320defcef79311c1fff66beb4db70386e465de900e87afd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate no-cache
Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Length: 4665
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Jun 2023 14:40:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33

Redirect headers

Cache-Control: no-cache
Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Length: 182
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Jun 2023 14:40:35 GMT
Keep-Alive: timeout=1, max=100
Location: https://www.hidethisip.net/
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.24

GET
H2 200 4e66f7183e413fffe85fdd81e3309c6f.css
www.serveuk7.com/public/cache/ 9 KB
2 KB 198ms
117ms Stylesheet
text/css 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aa67a35f607dcc47fef68f279a36f2bdcfa0ca1d5cfabe2e3b46333fde5667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 08:41:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"240e-5f98428b077b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXwwRpeuXAWDJOO3qtkuNR7%2BvWaUwP%2F6WCpzqlJG4YKNLeHw7fQJqMMF8b9jghwSEwcg2QCkQfBjqo12yanbTvvXOj8xgaTGd0M3AlspHUtOAmC0I6KRMFSoAxdK8kzlKIctWpVoXIdLLdsOT4HB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7d7b91d30d140479-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 74ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: www.hidethisip.net
URL: https://www.hidethisip.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14979"
vary: Accept-Encoding
x-hw: 1686840041.dop216.pa1.t,1686840041.cds231.pa1.hn,1686840041.cds042.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29519

GET
H2 200 55137343e0b1d13f5684f69d24969ded.js Show response
www.serveuk7.com/public/cache/ 793 B
967 B 196ms
116ms Script
application/javascript 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serveuk7.com/public/cache/55137343e0b1d13f5684f69d24969ded.js

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 08:40:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"319-5f98424c946d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJhUmgKyuP5bGW28vYM%2FnKIR9WhPXXUL%2BJPwFkacZTcuZquIAwUtFbwi0sR8b8hcGOfigjCi0ScfjqXwBmRLr9jhdu3%2B%2FPJCa5%2F9ZSwRVqzqr%2BNKPx5ohe%2FTj0Jgzzx6zBEESBrPvnx6Kkg%2FBd26"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7d7b91d30d170479-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
www.serveuk7.com/themes/hidethisip_net/@img/ 4 KB
4 KB 108ms
107ms Image
image/png 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.serveuk7.com/themes/hidethisip_net/@img/logo.png

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56cc759c89326e39c45d561b9aae07cfade8e091a8404f1d861967ec5cff1ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Sun, 16 Apr 2023 13:55:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e32-5f9746deca9b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLuAZNou2W5txq%2BYyvE1A99%2FfrI3vVNMrvWiOSwLgq8CdV73BcorWgtnDxORVh5IUMq48pWb9eEm0t5clgWf4LLPEQ%2BD749qZvdcylpPPQTamvNOXzh8elRoAIUAMqHVTNvnTOjtm8clNJ8tfTpE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7d7b91d3cdf40479-CDG
alt-svc: h3=":443"; ma=86400
content-length: 3634

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 162ms
94ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1b5dafb8b696e79358cb3093cedfea3e2fbc10586b170af694ce38c92618d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47447
x-xss-protection: 0
server: cafe
etag: 17252156020195227009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:40:41 GMT

GET
H3 200 sslOn.png
www.serveuk7.com/themes/default/@img/ 1 KB
2 KB 119ms
119ms Image
image/png 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.serveuk7.com/themes/default/@img/sslOn.png

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Sun, 16 Apr 2023 13:57:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4af-5f97474e7d459"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnsEoywXA35opimzVXGP4WoPWFnLkbpzB1Biqt0uhhOlBNTLJxUK8QLSQOjj9qn8KI3Ibjpiw9POVWpfMNHGt2TcX0rzx07mJOZ1%2BxIQU6tO361Buo236qdVNCOv1%2FjNvIaDTRyLJ3bl3d9AK07W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7d7b91d4b98b2298-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1199

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 149ms
34ms Script
text/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 14:40:41 GMT
server: Oracle API Gateway
opc-request-id: /83AB524F479426ACFD1D253CF5159D56/5DEBBEE09637E187143675A23C265783
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 normalize.css
www.serveuk7.com/themes/default/@css/ 4 KB
1 KB 121ms
121ms Stylesheet
text/css 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.serveuk7.com/themes/default/@css/normalize.css

Requested by

Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b933fba66b3db3bc0383063de816105a51044313b4a8b44690bb03e1e5e4a47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 16 Apr 2023 13:57:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10cc-5f97474c8ced3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERm5EOiyj9gc%2FRFmJIYUN7kEGYareawI3z4IMQ9%2B%2FEYio%2BFFn6QggtgVWfDNWA0zYNWW2GN2BJCAsiCvQ9qZTo6ox0OmvSqT0A4IbIqwS1QvCQXcUiAQf1SUO1O%2Fmw2WqcBaSEwh1PfkUh8l4ExM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7d7b91d3cdf70479-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 12:51:47 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 15 Jun 2023 14:51:47 GMT

GET
H3 200 submit.png
www.serveuk7.com/themes/default/@img/ 1 KB
2 KB 26ms
26ms Image
image/png 2606:4700:3030::ac43:96c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.serveuk7.com/themes/default/@img/submit.png

Requested by

Host: www.serveuk7.com
URL: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:96c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.serveuk7.com/public/cache/4e66f7183e413fffe85fdd81e3309c6f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5536
alt-svc: h3=":443"; ma=86400
content-length: 1207
last-modified: Sun, 16 Apr 2023 13:57:40 GMT
server: cloudflare
etag: "4b7-5f9747521767a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy3mra1yW%2Bd3f2voyWuHet4sgqv%2FYqGRLxSnjj3ztsTytuD85Qi90x1mLWatFQFJ71PQrhdUP8pc9Deiu5brhHJXeYqNorEwZAkyWS9rjdXXa77j4rkI7OZLRmUHx7vFd%2BFEAarB1HIVk8SuI6J0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7d7b91d4b9952298-CDG

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 34ms
34ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1673484043&utmhn=www.hidethisip.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Hide%20This%20IP%3A%20Hide%20Your%20IP%20Online%20%7C%20Stay%20Anonymous&utmhid=1668097168&utmr=-&utmp=%2F&utmht=1686840041815&utmac=UA-29423781-1&utmcc=__utma%3D98915079.1086450341.1686840042.1686840042.1686840042.1%3B%2B__utmz%3D98915079.1686840042.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=91053396&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 14:40:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1206893953118841&plah=www.hidethisip.net&bust=31075280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39ad6cdc7e91f5766242fd58e85f2dd6f64f538cd431c46c66fe0d5433c4b04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120777
x-xss-protection: 0
server: cafe
etag: 1602756781113669691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:40:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ Frame DF73 10 KB
5 KB 93ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 81126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 16:08:35 GMT
etag: 15057649708203361565
expires: Wed, 28 Jun 2023 16:08:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 119ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hidethisip.net&callback=_gfp_s_&client=ca-pub-1206893953118841

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1206893953118841&plah=www.hidethisip.net&bust=31075280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef78d0c4ed9c22dbb1edb816f8d8665aef4cf03b075638403a2a33b68a7d010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 107ms
39ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hidethisip.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71A8 436 B
406 B 961ms
960ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=326310110&pi=t.ma~as.4450595815&w=336&lmt=1686840042&format=336x280&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041893&bpp=7&bdt=534&idt=266&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&correlator=6679780105538&frm=20&pv=2&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=faq8X82KOO&p=https%3A//www.hidethisip.net&dtd=299

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b091fa3042cc05b5ec2e18e6b704a9d8973b60fd697b6e2ecdee936b13e9ffcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
expires: Thu, 15 Jun 2023 14:40:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 39B0 436 B
411 B 640ms
639ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=280&slotname=4450595815&adk=2272674967&adf=220290724&pi=t.ma~as.4450595815&w=336&lmt=1686840042&format=336x280&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041900&bpp=1&bdt=541&idt=304&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IKtPL0pYae&p=https%3A//www.hidethisip.net&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24a7619af119c12675e4a1db749191b71305a15777113df742a65b1a324a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:42 GMT
expires: Thu, 15 Jun 2023 14:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 300A 80 KB
32 KB 709ms
706ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&lmt=1686840042&format=728x90&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041901&bpp=1&bdt=543&idt=320&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PYBxTPkKqR&p=https%3A//www.hidethisip.net&dtd=327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd341b5dfb633ac28401c2e4bce1891c72e856501f59d65cecfb1dc0364d464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:42 GMT
expires: Thu, 15 Jun 2023 14:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6191 173 KB
48 KB 543ms
543ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&adk=2625457464&adf=2459331512&lmt=1686840042&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.hidethisip.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041919&bpp=3&bdt=560&idt=327&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C728x90&nras=1&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=339

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce9a4a36fd98fe60870477363eb626020f5cd033cec6d1ad4bce960b4d8eae2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:42 GMT
expires: Thu, 15 Jun 2023 14:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js?bust=31075280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0a26ff2dcbddf5af70a76db30b7644102193f62ea4a036c8cd1d64579389e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52886
x-xss-protection: 0
server: cafe
etag: 14138599533485441792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:40:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 300A 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPQv56iKLZN3kE5WQo9kPt8en0Amt0tOPccWM4d64Ecbw2YrhPBABIJiV1iZg-8GLg7QKoAGGlrv5A8gBAqgDAcgDyQSqBM8BT9DFGH-eU1ZFcjl6uybvMsQY6LSficHmMf_JhUbJrKmn2pUgDSwUA_7ptnkpvoEz7r2POvp3hTZ3D2SCun6O09xQzZJjEPXId2eyNm-W6v8Xy-9Z6CFZjonTL3dvb92QU1w9OcEJHIJV18yDdlyx9jQibMKaw2RbTOx4AYc1uh_aERmpd0OxHXY4A3vpZPd49XD6mHzKPbOuXT_n3uECeG6S_7QNLCSg3_gxxRCELpAUMhSGDlnLuVwIPUAH0oKl7tTeByDW1jvPhJT0SCPZwASS6p2DuwSSBQQIBBgBkgUECAUYBKAGAoAH4unEBqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJfbQNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMTIwNjg5Mzk1MzExODg0MRgA&sigh=X0G5mesBR-s&uach_m=[UACH]&cid=CAQSGwBygQiDZCJ5BV5x1jl1CW_js6ziyPlgwu687BgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&lmt=1686840042&format=728x90&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041901&bpp=1&bdt=543&idt=320&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PYBxTPkKqR&p=https%3A//www.hidethisip.net&dtd=327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&lmt=1686840042&format=728x90&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041901&bpp=1&bdt=543&idt=320&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PYBxTPkKqR&p=https%3A//www.hidethisip.net&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 14:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Jun 2023 14:40:42 GMT

GET
H2 200 3095759719222616986
tpc.googlesyndication.com/simgad/ Frame 300A 31 KB
32 KB 138ms
67ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3095759719222616986?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqKkzr9CxZt_X3LUDx4j60l4i9iQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6e6536bdfca9e95f6e9109b411e6372d3ae3044a5fde5c763d96187aaa113c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32014
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 14:35:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 14:40:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/ Frame 300A 22 KB
9 KB 104ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:48:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 059C 143 B
166 B 31ms
30ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206893953118841&output=html&h=90&slotname=5927329013&adk=3680528455&adf=1400489018&pi=t.ma~as.5927329013&w=728&lmt=1686840042&format=728x90&url=https%3A%2F%2Fwww.hidethisip.net%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686840041901&bpp=1&bdt=543&idt=320&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=6679780105538&frm=20&pv=1&ga_vid=1086450341.1686840042&ga_sid=1686840042&ga_hid=1668097168&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=636&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C42532277%2C42532279%2C44759876%2C44759927%2C31071755%2C31075280%2C31075307%2C44785294%2C44788442&oid=2&pvsid=1967853698285646&tmod=554539605&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PYBxTPkKqR&p=https%3A//www.hidethisip.net&dtd=327
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:51:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 300A 3 KB
1 KB 108ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 300A 19 KB
8 KB 98ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 300A 178 KB
56 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:40:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 300A 32 KB
13 KB 108ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40d6be014f0faf1bfdcdcb51e1776f47a66663c8bcd98af0978ffc206d66a962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13300
x-xss-protection: 0
server: cafe
etag: 3238982501927506917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:48:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 059C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
expires: Thu, 15 Jun 2023 14:40:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 40ms
37ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hidethisip.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/ Frame 9383 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 81078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 16:09:25 GMT
etag: 15057649708203361565
expires: Wed, 28 Jun 2023 16:09:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 300A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e89091c93fc83b826b3728e8b16c618332f84c2d6b4d125dc30c71a5da30338

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 9383 4 KB
1 KB 102ms
38ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 13:42:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 14:40:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9383 205 B
649 B 106ms
28ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:27:12 GMT
x-content-type-options: nosniff
age: 8011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jun 2024 12:27:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9383 604 B
718 B 106ms
29ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:29:37 GMT
x-content-type-options: nosniff
age: 4266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jun 2024 13:29:37 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/ Frame 9383 13 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31209227123a6cacf64ad11dbb97b083d77d899df1a026527110f6deb8b614fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5826
x-xss-protection: 0
server: cafe
etag: 11489500519353907035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:54:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/ Frame 9383 22 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9409
x-xss-protection: 0
server: cafe
etag: 7294307571184633120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:54:13 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B4 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 05:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 05:16:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E9A9 14 KB
1 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 14:29:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 14:40:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame E9A9 2 KB
892 B 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:48:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/ Frame E9A9 22 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:48:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D180 143 B
166 B 39ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:51:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame E9A9 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame E9A9 19 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9A9 178 KB
56 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:40:43 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame E9A9 32 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 22:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 21:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 22:00:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D180
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
expires: Thu, 15 Jun 2023 14:40:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 157ms
83ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230613&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edd6c14c033bada22141580ef096ece10eb3b3482dcc96d5f66d2025f90c2020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame CF2D 37 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: www.hidethisip.net
URL: https://www.hidethisip.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 05:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 05:16:43 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 14:40:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1022 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 21916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 08:35:27 GMT
expires: Fri, 14 Jun 2024 08:35:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A29 783 B
535 B 40ms
39ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf0d65cd8e7308c22b2647ccdad491dce032ecf1f542fbfbf73e899874fda59c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QN4rAN1NRIOccfkjj4dMjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hidethisip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QN4rAN1NRIOccfkjj4dMjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 14:40:43 GMT
expires: Thu, 15 Jun 2023 14:40:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 1022 37 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 05:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 05:16:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A29 0
0 64ms
62ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230613&jk=1967853698285646&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1022 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tccZLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:40:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 300A 42 B
64 B 66ms
66ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUwo19w9TFTt4Ni9GnSN0SBus8NXsIHM7s1P88DGRK2ByUvPG5P7UoXS7TPkAN0fgvrLB4M3yuwm9pAGvhBFKvs96JOxrOqw1jHQYYT7Um-19Wjdb1I5M7htS9Af5NM3Z0rN_PHQIILsIP&sai=AMfl-YTI3e49LOApOop9qIaFwuFmuZEE-dYup1GgOfqyZ6nhBMDmmEfGbzIQMyJkWwh4UR8D3ipLreNZYAVP&sig=Cg0ArKJSzKyQdlBd5sFkEAE&cid=CAQSGwBygQiDZCJ5BV5x1jl1CW_js6ziyPlgwu687BgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3680528455&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686840042230&rpt=935&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 14:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230613&jk=1967853698285646&bg=!k5ClkMTNAAaGYqkwpmI7ADkAdvg8WnTjtWwYrFqs5LYHTQPjMaOymDdDD6_3n-S8rGKNrQ47ODYar4BngWcGWDRkw2F3ts2-Yd4CAAAAeFIAAAADaAEHmQLZ90tkr3jwEg6rNg98vAUHNiLMw8IkPQ421X9Mac_dJ_AZaM3ALa-m1ZG2ZtAYWGPSwELNKeButpyNU65oPTeNsjcDvAhIL3VkXbTkj96lDJQMaRqmeU_x6u1BaIJU6SpAL2Uc6c4EKfh2_YTS6JTYdpReSvey3iTSj_UY4v8BP75NaJPsAEWSxKA50hhiFx6j9lfbQiEuNSdjkLAdVMSMd2d0D842IbqiOJacVnNOUuGvOwwg5wKsaN5PL2fgGpxCcltRdUy6BTUyrGmlUXB_uUo3Nhdicy51XESGTyv5L1JhEMGRTn0Hwqmy8s2_RMaFcW68szzH1xFizc0WB6FTWfcAUfKMwovdvvmat5PeLHrKa-7Tx_0XWNObHexZ2xdyirO218VQiro0A-xklps1js-_VFg3PoJME1iHqLoIYpp8px8K_Lp_ZlXsW9tlawYM8pKilrj7yVFNf05OJ0LzelmfwLQ1eMpX-p8Puur4ZoEQYaYKVzXIIxYDjEHwgkR2voHGhg-WMDX-35K0H-an6pV5B17pTZVuH2WUOJQOlbfjsS4LaKxph4YHxBQ1Bx2xcX5-vkgk9shik4JWELIIU0SUT9Zyf0VS2U84ZQFYXkOwAHXGvAjj0QhnY5vhr4IY2Uc34-K01cgn7EbLYddcXflRQLpkgzLR16ihf33KCsBC0rmirM9j9nNySxtfVUqJtRnrUYx1cQVG94sOq1vuh1cIepi3xUp1PmOArmwCJEtzE3VTHFz7QRjgR8lSyyFQnsFSTWtOSdmxIapeqg5RUkpWrmI5UGhKnud5IOv6tZ76cm2NGW4rbtowShqI1vbVt6EUOS0Fe3GLOVg8_50-j3p3SeL_ql3SNVE9zHtawaDrx8yQQop0b-aSQZ98ciCaXbUVBEI9PlVGPIOJsHQh_Uh_OqKmqFmljFTvOJyFv7zKK37Ccxfm909J5I5fmek6M7fCuPAP6yqW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.hidethisip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hidethisip.net/	1969-12-31 23:59:59	Name: 4everproxy Value: 59c5764a2cb6ec1a75443607a5c5ec30
.hidethisip.net/	1970-01-20 22:10:00	Name: __utma Value: 98915079.1086450341.1686840042.1686840042.1686840042.1
.hidethisip.net/	1969-12-31 23:59:59	Name: __utmc Value: 98915079
.hidethisip.net/	1970-01-20 16:56:48	Name: __utmz Value: 98915079.1686840042.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.hidethisip.net/	1970-01-20 12:34:00	Name: __utmt Value: 1
.hidethisip.net/	1970-01-20 12:34:01	Name: __utmb Value: 98915079.1.10.1686840042
.hidethisip.net/	1970-01-20 21:55:36	Name: __gads Value: ID=bb827bae20990d4e-2299cc5d79e10093:T=1686840042:RT=1686840042:S=ALNI_MbsyzbslGyf7nMTF3l3PelXY0t2wg
.hidethisip.net/	1970-01-20 21:55:36	Name: __gpi Value: UID=00000c4f5efb4e30:T=1686840042:RT=1686840042:S=ALNI_MajA2Axy0GGLsKpb33HT6uyK0udwA
.doubleclick.net/	1970-01-20 21:55:36	Name: IDE Value: AHWqTUmGUQTso4nUIUgf8AsCgE4j6G1tw-no9r6A3vi7ElfkG9RgEHVTgmTS8_44S4g
.doubleclick.net/	1970-01-20 12:34:00	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:34:03	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
code.jquery.com
fonts.googleapis.com
fr.hidethisip.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.hidethisip.net
www.serveuk7.com
198.251.90.20
2001:4de0:ac18::1:a:2a
23.206.208.114
2606:4700:3030::ac43:96c9
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
54.36.122.54
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a5ea07a0ccf26cc71db359dbfc0b9b80434663dd810ec2eeee101f1ee120e2c
252048f97b95af2b320defcef79311c1fff66beb4db70386e465de900e87afd8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
31209227123a6cacf64ad11dbb97b083d77d899df1a026527110f6deb8b614fb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
39ad6cdc7e91f5766242fd58e85f2dd6f64f538cd431c46c66fe0d5433c4b04e
3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ef78d0c4ed9c22dbb1edb816f8d8665aef4cf03b075638403a2a33b68a7d010
40d6be014f0faf1bfdcdcb51e1776f47a66663c8bcd98af0978ffc206d66a962
4b1b5dafb8b696e79358cb3093cedfea3e2fbc10586b170af694ce38c92618d6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cc759c89326e39c45d561b9aae07cfade8e091a8404f1d861967ec5cff1ee6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aa67a35f607dcc47fef68f279a36f2bdcfa0ca1d5cfabe2e3b46333fde5667
6c6e6536bdfca9e95f6e9109b411e6372d3ae3044a5fde5c763d96187aaa113c
6fd341b5dfb633ac28401c2e4bce1891c72e856501f59d65cecfb1dc0364d464
7e89091c93fc83b826b3728e8b16c618332f84c2d6b4d125dc30c71a5da30338
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b091fa3042cc05b5ec2e18e6b704a9d8973b60fd697b6e2ecdee936b13e9ffcb
b933fba66b3db3bc0383063de816105a51044313b4a8b44690bb03e1e5e4a47d
bf0d65cd8e7308c22b2647ccdad491dce032ecf1f542fbfbf73e899874fda59c
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c24a7619af119c12675e4a1db749191b71305a15777113df742a65b1a324a68a
cc7ce2678586a779f599b34b5883f485d074bc08e7bc9dc8a1b115f52b30a69f
ce9a4a36fd98fe60870477363eb626020f5cd033cec6d1ad4bce960b4d8eae2c
d0a26ff2dcbddf5af70a76db30b7644102193f62ea4a036c8cd1d64579389e78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
edd6c14c033bada22141580ef096ece10eb3b3482dcc96d5f66d2025f90c2020
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f9d9a70ec7418a19cd6152cc1b8cc41e744cc6e6557d02e401592223673c174d

www.hidethisip.net Open in urlscan Pro 198.251.90.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

80 %IPv6

12 Domains

15 Subdomains

15 IPs

4 Countries

664 kBTransfer

1844 kBSize

11 Cookies

4 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hidethisip.net Open in urlscan Pro
198.251.90.20 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

664 kB
Transfer

1844 kB
Size

11
Cookies

57 HTTP transactions
1 data transactions