govbenefitsusa.finanzaspersonales.info Open in urlscan Pro
144.202.38.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://govbenefitsusa.finanzaspersonales.info/
Submission: On January 20 via api (January 20th 2024, 3:31:09 pm UTC) from US — Scanned from US

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 14 domains to perform 137 HTTP transactions. The main IP is 144.202.38.65, located in Miami, United States and belongs to AS-CHOOPA, US. The main domain is govbenefitsusa.finanzaspersonales.info.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.

This is the only time govbenefitsusa.finanzaspersonales.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	144.202.38.65 144.202.38.65	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1 25	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c08::67	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400f:804::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
1	172.64.151.202 172.64.151.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
3	23.56.163.52 23.56.163.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	172.253.62.148 172.253.62.148	15169 (GOOGLE) (GOOGLE)
2 2	2600:1f18:445... 2600:1f18:445b:900:a15:403:8688:ca98	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:445... 2600:1f18:445b:903:224c:932:a200:6f16	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:445b:902:69fd:1977:65d1:c078	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:2aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
137	28

24 144.202.38.65 (Miami, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.38.65.vultrusercontent.com

govbenefitsusa.finanzaspersonales.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4004:c06::9b (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::67 (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::9b (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400f:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.202 (United States)

ASN13335 (CLOUDFLARENET, US)

dvrtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.163.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-52.deploy.static.akamaitechnologies.com

s-static.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:445b:900:a15:403:8688:ca98 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

s.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:445b:903:224c:932:a200:6f16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tpsc-video-ue.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:902:69fd:1977:65d1:c078 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2aef (United States)

ASN13335 (CLOUDFLARENET, US)

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	337 KB
24	finanzaspersonales.info govbenefitsusa.finanzaspersonales.info	308 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	338 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	127 KB
9	innovid.com 2 redirects dvrtr.innovid.com — Cisco Umbrella Rank: 8266 s-static.innovid.com — Cisco Umbrella Rank: 2535 s.innovid.com — Cisco Umbrella Rank: 2300 ag.innovid.com — Cisco Umbrella Rank: 2226 rtr.innovid.com — Cisco Umbrella Rank: 2102	1 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	139 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	104 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
3	doubleverify.com tpsc-video-ue.doubleverify.com — Cisco Umbrella Rank: 2713 vtrk.doubleverify.com — Cisco Umbrella Rank: 1761	508 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	131 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	269 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
137	14

	Domain	Requested by
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com govbenefitsusa.finanzaspersonales.info 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com www.gstatic.com imasdk.googleapis.com
24	govbenefitsusa.finanzaspersonales.info	govbenefitsusa.finanzaspersonales.info
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com govbenefitsusa.finanzaspersonales.info 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
12	securepubads.g.doubleclick.net	1 redirects govbenefitsusa.finanzaspersonales.info securepubads.g.doubleclick.net 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
8	csi.gstatic.com	imasdk.googleapis.com
7	www.gstatic.com	govbenefitsusa.finanzaspersonales.info 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects govbenefitsusa.finanzaspersonales.info
4	fonts.googleapis.com	securepubads.g.doubleclick.net 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com govbenefitsusa.finanzaspersonales.info
4	4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	dsum-sec.casalemedia.com	2 redirects
3	s-static.innovid.com
3	imasdk.googleapis.com	4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	tpsc-video-ue.doubleverify.com
2	ag.innovid.com
2	s.innovid.com	2 redirects
2	ad.doubleclick.net	1 redirects
2	www.googleadservices.com
2	www.googletagservices.com	govbenefitsusa.finanzaspersonales.info 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	vtrk.doubleverify.com
1	rtr.innovid.com
1	ade.googlesyndication.com
1	dvrtr.innovid.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	govbenefitsusa.finanzaspersonales.info
137	30

This site contains no links.

Subject Issuer	Validity	Valid
govbenefitsusa.finanzaspersonales.info R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
dvrtr.innovid.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
*.innovid.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleverify.com Starfield Secure Certificate Authority - G2	`2023-08-25` - `2024-09-25`	a year	crt.sh
vtrk.doubleverify.com E1	`2024-01-07` - `2024-04-06`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://govbenefitsusa.finanzaspersonales.info/
Frame ID: AB6F23101F3F1A755DA25E88CBD997CF
Requests: 38 HTTP requests in this frame

Frame: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 796CF48297F0D98D26C0FCDDBD22AD14
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09D1A762A8AB75298477FA8C7BF9796B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5ADC4ECF94B52D95E7CAE8D6AEC42AE0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 0081D7298D19DA1FBCA8834F0272A59A
Requests: 15 HTTP requests in this frame

Frame: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F58D0209707C40EDED3A060F776A7CA9
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: A882CA7C5165D445574E0BFB6C25E8F0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 8B292F5815234C1636234478CCEB146B
Requests: 1 HTTP requests in this frame

Frame: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E38FBFE22A54B4C35D4EDF62D767FEDD
Requests: 41 HTTP requests in this frame

Frame: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A978F61E8D5B004631B4C9F52E15AF86
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
Frame ID: 65E2034C5AFF0385B04F880717A1DCCB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 147EA3A7D2E18A2F5745C27DDA51FBF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C4BA0ECC53D94C4573ACBACAA9FB5B18
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subsidios y ayudas USA - govbenefitsusa.finanzaspersonales.info

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

137
Requests

95 %
HTTPS

62 %
IPv6

14
Domains

30
Subdomains

28
IPs

3
Countries

2949 kB
Transfer

41779 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://securepubads.g.doubleclick.net/pagead/adview?ai=CNVcEOOerZdjPBPaYo9kPofyS8Ayyq8qvddat2M7_D7CQHxABIKvKg5kBYMnujovApIwQoAH89cD_A8gBCeACAKgDAcgDSKoE1gJP0IFngrKcKCsABUgueGNvor8JFWvtUaQIWAu8W0aTromxBsHuYBrb7I0XumxNtRz38F2aYap2sEdSXh8zAi0aWngCkdfqKWepStqazgiKYwLTKFY4jGvMFaF3I22JkbJr3lDmWZb3CpcSif27d-LWyK0B-k05eXrJ0Ho-Guurq6K_i851O99c6Kz21CAzbDQs1rmRLn5XA3Owcyf6oaVwE8kpYeLtZvWTj0HbhXFnxfUrX2xfp-9pECoHkGhrzFcV5uYQzng5_v15QMUhlTP3bsxn1WBX15X5oHgDKnl4A4DRcK-FEkw7gNeu8VqdS3EEEjbNGcZGl3k8dF_CRz0KK_oMdBYXWEHKObuFn_moFCZ--ewMeG_V7gi1Q1Pd-RXdneGhOCznXKchmsh9SKynBYAuhpnin05GxQwIG58iWrYi0g6hIpQPxcvDoTfAj2lRc5cD-oLABPrjzZq2A-AEAYgFx_WvtiCSBQQIBBgBkgUECAUYBKAGLoAH7Ik_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvaZB0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj9_7TGpOyDA5oJQWh0dHBzOi8vd3d3LnBhdGlvZW5jbG9zdXJlcy5jb20vY3JlYXRpbmctdGhlLXBlcmZlY3Qtc3Vucm9vbS5hc3B4gAoDyAsB2gwQCgoQ4Nj0vZi7vLodEgIBA-INEwigrLXGpOyDAxV2zCgFHSG-BM7YEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItOTgxNzg3MTk0NjM1NTExORiSiokB&sigh=GXPUn5p2yXY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_EQf33UvCsgG21xIG11ixDZE3JIUFGl8R8V-XFyytz0vaMU65djbF5QmXC4_yDeDS0zM1Cnp96PYkG-xpC3lgEU_4ar_pgSpHBhgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaed87d6c27ed8f4d0000000000000000%22,%222%22:%220xb01ea8645abf8f30000000000000000%22,%223%22:%220xf18090e1362aa8540000000000000000%22,%224%22:%220xffbbd7dd54481c330000000000000000%22,%225%22:%220xf335c7449d5429370000000000000000%22},%22debug_key%22:%2211382680165283127741%22,%22debug_reporting%22:true,%22destination%22:%22https://patioenclosures.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072708348%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229306884146658423025%22}&andc=true

Request Chain 121

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705764664848;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CJCjzMek7IMDFesliAkd7ioIpA;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705764664848;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1;tpsrc=ima

Request Chain 122

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927

Request Chain 126

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927

Request Chain 131

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKHdmZYEEKOs9pkEGNK5_4ECIAEwAQ&v=APEucNXq614OZJWqJKhxjqd0FiOsoqk7zOIfFMtNRcvGG1OMQx9Y9LfW-8VWGpNTquGH0IHip8ncgdVWuNGjWUI8gZz-1k_iy--7ZJlKTCL2cu8dPOF_fk0 HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZavnORLbIdB2jXRLjLvObgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMvYrD6ay8Mx4zBSQuoJ4Lg&google_cver=1

137 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
govbenefitsusa.finanzaspersonales.info/ 257 KB
31 KB 267ms
118ms Document
text/html 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 3b6a7fa43986140aa461d05336481d98a64e9cc9c9f847e78f301b26e363d19e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2273
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DC
content-encoding: gzip
content-length: 30947
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 15:31:02 GMT
expires: Sat, 20 Jan 2024 14:53:07 GMT
last-modified: Sat, 20 Jan 2024 14:53:08 GMT
link: <https://govbenefitsusa.finanzaspersonales.info/wp-json/>; rel="https://api.w.org/", <https://govbenefitsusa.finanzaspersonales.info/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://govbenefitsusa.finanzaspersonales.info/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
govbenefitsusa.finanzaspersonales.info/wp-content/astra-local-fonts/montserrat/ 32 KB
33 KB 102ms
100ms Font
application/font-woff2 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/astra-local-fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Origin: https://govbenefitsusa.finanzaspersonales.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Sat, 20 Jan 2024 14:44:00 GMT
server: nginx
etag: "65abdc30-8144"
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33092

GET
H2 200 main.min.css
govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/ 41 KB
8 KB 65ms
63ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.6.3
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-a580"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 astra-local-fonts.css
govbenefitsusa.finanzaspersonales.info/wp-content/astra-local-fonts/ 4 KB
761 B 66ms
64ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/astra-local-fonts/astra-local-fonts.css?ver=4.6.3
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 7a39c7e64dfda9becaa2dd54b251aa5aaa6f54b7e24629bcdfb05aa9801e846e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2024 14:44:00 GMT
server: nginx
etag: W/"65abdc30-102c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
govbenefitsusa.finanzaspersonales.info/wp-includes/css/dist/block-library/ 107 KB
14 KB 78ms
77ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-1add3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 styles.css
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 81ms
80ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.5
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-b4e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 contact-form-7-main.min.css
govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/compatibility/ 882 B
584 B 81ms
80ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=4.6.3
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-372"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65abdc25186621-43223414.css
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/astra-addon/ 59 KB
7 KB 88ms
87ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/astra-addon/astra-addon-65abdc25186621-43223414.css?ver=4.6.0
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: a7d698d2fbb3b5f18ce414d0a6f1864d3b5c63b131a63b2b34c533c02abdebd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2024 14:43:49 GMT
server: nginx
etag: W/"65abdc25-ed4c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
BLOB 200
OK 75ebe3e3-1d24-4805-87fa-3ce85927d664
https://govbenefitsusa.finanzaspersonales.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://govbenefitsusa.finanzaspersonales.info/75ebe3e3-1d24-4805-87fa-3ce85927d664
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 jquery.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-includes/js/jquery/ 86 KB
30 KB 120ms
120ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-includes/js/jquery/ 13 KB
5 KB 136ms
135ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 105ms
48ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-35B7MCN0FJ

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ed941a1c358888d5c1f45c82a042da9eda1b136d3d07534644368dbb1272f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Jan 2024 15:31:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 167ms
75ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89f9926f85c8259522bc439afb5a11c136a5efa1ebf965459e6839f6087e6c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29393
x-xss-protection: 0
server: cafe
etag: 936 / 19742 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:31:02 GMT

GET
H2 200 Beneficios.Gov-2-389x147.png
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/ 17 KB
18 KB 143ms
142ms Image
image/png 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/Beneficios.Gov-2-389x147.png
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: ff7284cfbe3166f2c2ce0deea1fdb3402dab7127d2d48610647058f9c082b24f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Sat, 20 Jan 2024 14:43:49 GMT
server: nginx
etag: "65abdc25-456f"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17775

GET
H2 200 AYUDA-EN-EFECTIVO-TANF-22.webp
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/ 43 KB
43 KB 144ms
143ms Image
image/webp 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/AYUDA-EN-EFECTIVO-TANF-22.webp
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 98873e19cd0a3db0597c8110f503eaca1e3391ebd830d924c7681a710d9c9863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Tue, 16 Jan 2024 18:19:34 GMT
server: nginx
etag: "65a6c8b6-abe6"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44006

GET
H2 200 corazonh.png
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2023/05/ 7 KB
7 KB 68ms
66ms Image
image/png 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2023/05/corazonh.png
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Tue, 09 Jan 2024 16:42:32 GMT
server: nginx
etag: "659d7778-1aef"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6895

GET
H2 200 magamenu-frontend.min.css
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/ 0
137 B 144ms
143ms Stylesheet
text/css 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/magamenu-frontend.min.css?ver=4.6.0
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Tue, 09 Jan 2024 16:42:45 GMT
server: nginx
etag: "659d7785-0"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 frontend.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/js/minified/ 21 KB
5 KB 60ms
59ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.3
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 00cfed1d7680f3a3435bf24ed4286fa745c0b33d78f5f169e6fcf94852b93589

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-530a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 62ms
60ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.5
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-2b6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 64ms
61ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-337e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65abdc251a52c8-87510724.js Show response
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/astra-addon/ 37 KB
7 KB 66ms
63ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/astra-addon/astra-addon-65abdc251a52c8-87510724.js?ver=4.6.0
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: a0520951344a0a82548f72736baa2072e965cfdaeb51f397b3a5901b1024a406

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2024 14:43:49 GMT
server: nginx
etag: W/"65abdc25-93f1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 interactivity.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-includes/js/dist/ 32 KB
12 KB 70ms
68ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/js/dist/interactivity.min.js?ver=6.4.2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-7e19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 view.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-includes/blocks/image/ 6 KB
2 KB 70ms
69ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/blocks/image/view.min.js?ver=32caaf5e7c6834efef4c
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: ce3471ccd08187d7fe1e76cd7c67d991cb7d15a0a27b8b50b4ea7389520edba7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-1623"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 float.js Show response
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/gtranslate/js/ 22 KB
7 KB 72ms
71ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/gtranslate/js/float.js?ver=6.4.2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-595e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 Beneficios.Gov-2-1024x388.png
govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/ 56 KB
56 KB 62ms
62ms Image
image/png 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/uploads/2024/01/Beneficios.Gov-2-1024x388.png
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 01d6cb044735b2595b41f26c57c7467aaf6d157415411a3f14111d7160c2456d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
last-modified: Sat, 20 Jan 2024 14:43:48 GMT
server: nginx
etag: "65abdc24-de55"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56917

GET
H2 200 es.svg
govbenefitsusa.finanzaspersonales.info/wp-content/plugins/gtranslate/flags/svg/ 47 KB
8 KB 62ms
61ms Image
image/svg+xml 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-content/plugins/gtranslate/flags/svg/es.svg
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: b46849a7e0fd7bdf03ff8d742b44f1ff83d1cbe831b9c9d99e858d644fbc478e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:31 GMT
server: nginx
etag: W/"659d7777-bbd9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
govbenefitsusa.finanzaspersonales.info/wp-includes/js/ 18 KB
5 KB 63ms
63ms Script
application/javascript 144.202.38.65
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://govbenefitsusa.finanzaspersonales.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.38.65 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.38.65.vultrusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 16:42:46 GMT
server: nginx
etag: W/"659d7786-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
www.google-analytics.com/g/ 0
269 B 94ms
37ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-35B7MCN0FJ&gtm=45je41h0v9175489981&_p=1705764662424&gcd=11l1l1l1l1&dma=0&cid=1920721438.1705764663&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705764662&sct=1&seg=0&dl=https%3A%2F%2Fgovbenefitsusa.finanzaspersonales.info%2F&dt=Subsidios%20y%20ayudas%20USA%20-%20govbenefitsusa.finanzaspersonales.info&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=650
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-35B7MCN0FJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://govbenefitsusa.finanzaspersonales.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 30ms
30ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2459
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 Jan 2025 14:50:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 236 KB
54 KB 956ms
956ms Fetch
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2705841449234201&correlator=3121939629249379&eid=31080563%2C31080586%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&iu_parts=22795378465%2Cgovbenefitsusa.finanzaspersonales.info%2CGovbenefitsusa_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1705764662778&lmt=1705762388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgovbenefitsusa.finanzaspersonales.info%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1920721438.1705764663&ga_sid=1705764663&ga_hid=1163512617&ga_fc=true&dlt=1705764662250&idt=489&cust_params=id_post_wp%3D23&adks=4283764628&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fd60c481c3c6904afe3f7ba5199451a9c157addfaada5ec2dc819a4256f4d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55391
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://govbenefitsusa.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
29 KB 1313ms
1313ms Fetch
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2705841449234201&correlator=3121939629249379&eid=31080563%2C31080586%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&iu_parts=22795378465%2Cgovbenefitsusa.finanzaspersonales.info%2CGovbenefitsusa_Anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1705764662785&lmt=1705762388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgovbenefitsusa.finanzaspersonales.info%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1920721438.1705764663&ga_sid=1705764663&ga_hid=1163512617&ga_fc=true&dlt=1705764662250&idt=489&cust_params=id_post_wp%3D23&adks=1652335228&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a89af5dda7e8114b060dd53c5dfe969b9aaf02642680ae166214825b2b59d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29710
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://govbenefitsusa.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 510ms
510ms Fetch
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2705841449234201&correlator=3121939629249379&eid=31080563%2C31080586%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&iu_parts=22795378465%2Cgovbenefitsusa.finanzaspersonales.info%2CGovbenefitsusa_Content1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705764662787&lmt=1705762388&adxs=340&adys=227&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgovbenefitsusa.finanzaspersonales.info%2F&vis=1&psz=920x74&msz=920x0&fws=4&ohw=1600&ga_vid=1920721438.1705764663&ga_sid=1705764663&ga_hid=1163512617&ga_fc=true&dlt=1705764662250&idt=489&cust_params=id_post_wp%3D23&adks=4141216270&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7fce45202ea02c36b73ac4d1022644320922c5f7c744ad6622be739e03298df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://govbenefitsusa.finanzaspersonales.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 796C 6 KB
3 KB 121ms
32ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:02 GMT
expires: Sun, 19 Jan 2025 15:31:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 40 KB
14 KB 30ms
30ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67122
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13863
x-xss-protection: 0
server: cafe
etag: 12572411096080002997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 18 Jan 2025 20:52:20 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 134 KB
42 KB 1673ms
1673ms Fetch
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2705841449234201&correlator=3121939629249379&eid=31080563%2C31080586%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fif&iu_parts=22795378465%2Cgovbenefitsusa.finanzaspersonales.info%2CGovbenefitsusa_Content2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250%7C336x280&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705764662804&lmt=1705762388&adxs=400&adys=863&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgovbenefitsusa.finanzaspersonales.info%2F&vis=1&psz=800x74&msz=800x0&fws=4&ohw=1600&ga_vid=1920721438.1705764663&ga_sid=1705764663&ga_hid=1163512617&ga_fc=true&dlt=1705764662250&idt=489&cust_params=id_post_wp%3D23&adks=1382119479&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c12b7c5ac5def5e32373c6813eedddc7bf475a620fef61e663c9dc2a5e03be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43250
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://govbenefitsusa.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
64ms XHR
application/json 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

829b9c484467473accbd7e2f7501d2ed8cc1511599198f735492cfbf71431adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12060
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 109ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 15:31:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09D1 13 KB
5 KB 32ms
30ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:13:14 GMT
expires: Sun, 19 Jan 2025 13:13:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5ADC 829 B
1 KB 105ms
44ms Document
text/html 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fa0333560aff37d8cb4a45408446c3deceb58d1e2386bcdbfeb64c97f71ac8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gAPrLgjjKS0d0PWasJ_oig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gAPrLgjjKS0d0PWasJ_oig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:03 GMT
expires: Sat, 20 Jan 2024 15:31:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 09D1 39 KB
15 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 15:00:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 0081 196 KB
56 KB 101ms
32ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 20:26:27 GMT
age: 155076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 20:26:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 0081 15 KB
5 KB 157ms
88ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 20:23:53 GMT
age: 155230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 20:23:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 0081 95 KB
28 KB 160ms
90ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 20:29:02 GMT
age: 154921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 20:29:02 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 0081 5 KB
2 KB 155ms
86ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 20:13:51 GMT
age: 155832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 20:13:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 0081 40 KB
13 KB 172ms
103ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 20:24:01 GMT
age: 155222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 20:24:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0081 14 KB
2 KB 110ms
41ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 14:03:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 15:31:03 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0081 3 KB
3 KB 32ms
32ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:04:41 GMT
x-content-type-options: nosniff
server: cafe
age: 84382
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Sat, 20 Jan 2024 16:04:41 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0081 295 B
319 B 34ms
33ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:12:24 GMT
x-content-type-options: nosniff
server: cafe
age: 83919
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 20 Jan 2024 16:12:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5ADC 0
0 90ms
90ms Image
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=2705841449234201&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6857174457676663213/ Frame 0081 3 KB
3 KB 32ms
31ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6857174457676663213/14763004658117789537?w=100&h=100

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2379e0b6244ad3d1d60397dd891e76162e818844f401f250b37cd559d9d32090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 13:39:37 GMT
date: Sat, 20 Jan 2024 13:39:37 GMT
x-content-type-options: nosniff
age: 6686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3135
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 09:47:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2895444635129578161/ Frame 0081 5 KB
5 KB 33ms
32ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2895444635129578161/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 19 Jan 2025 08:07:01 GMT
date: Sat, 20 Jan 2024 08:07:01 GMT
x-content-type-options: nosniff
age: 26642
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 12:00:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0081 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbf32de45520329e34c7b4df5185ac8dbc861b468132c31f97fcdcda7e158ea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09D1 0
10 B 36ms
36ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n1CY-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0081 33 KB
34 KB 98ms
33ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://govbenefitsusa.finanzaspersonales.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:08 GMT
x-content-type-options: nosniff
age: 94495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:16:08 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0081
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

102ms
41ms

Image
text/html

2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H2
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sat, 20 Jan 2024 15:31:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0081 0
0 128ms
127ms Image
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuekINuerZYq5M9iXo9kPvte3uA_D9Ju4dfHRu9ivEsLctrLoDhABIKvKg5kBYMnujovApIwQoAGl_NSQKcgBAakCnYpr6GVIsj7gAgCoAwHIAwqqBNwCT9DyGVCy_MNyVWdmZCCtzbdf6Je-uSJ0_D4TCp9CzX-uca-b784rilyr3MhMb92beVuBD5eBNBHZfzjT8_dgBtQ3ZFwJ1vlTfu6FOlL_CMvvwwn_X39JOtRVGIyJt0YvCXsf6ax87AM45OM4prWh2YHwL1TjMz47yf-L2e6iF9n0stU-1MBVQmDHruY9Qdg9Budch4fpm1eO6CVEcyoCyNQKBfic_Rahc7Uevgpqx7Rvj2wFv2f_LdDGGeflkFQ2UforMJNK94limz732shr0jxWkzuQ7ZOhnPNMrFcut3oYZ_SZpSsEuazsAAmK2_0PBpRraXZGS8l3HbUgn0cHrFoHpO8kO_g1-qDLbb8FxXLmN_g5Yq0FtLKI90lwUBZfrqLEAgv8fSWwU2uCErvZF5gafz9732ePsKXSc80zEy3moilqRy4oMzaMpYHSj5BPOa81LVvuBFscTYHqwATu_5qO1QTgBAGIBePPr85NkgUECAQYAZIFBAgFGASAB6W0pfADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQk8EH0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliKkLHGpOyDA5oJG2h0dHBzOi8vdGVtcG9zZWFyY2guY29tL2RzcoAKA8gLAdoMEQoLEPD9vsLpyY_BoQESAgED4g0TCLi2scak7IMDFdjLKAUdvusN99gTDNAVAZgWAYAXAbIXHwodCAASFHB1Yi05ODE3ODcxOTQ2MzU1MTE5GJKKiQE&sigh=0e6HIRvBsps&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_piG6ooEWNgHHp5UOgXPpYNwYJ-oQ187hRZ-xQHur5F-TaaswOhxdScwcKQgRtVdUpiIRffSzh5w8wAh1zgUeQCnJQr7H_7nP-xgB&template_id=5007&cbvp=2
Requested by: Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 container.html Show response
4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F58D 6 KB
3 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:03 GMT
expires: Sun, 19 Jan 2025 15:31:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F58D 4 KB
744 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 14:12:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 15:31:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A882 2 KB
553 B 39ms
39ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 15:23:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 15:31:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A882 2 KB
822 B 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:04:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame A882 23 KB
9 KB 49ms
48ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:23:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A882 3 KB
1 KB 48ms
47ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:15:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A882 20 KB
8 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:12:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A882 206 KB
65 KB 120ms
32ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:31:03 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame A882 37 KB
16 KB 93ms
30ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame F58D 22 KB
9 KB 43ms
42ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:07:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F58D 205 B
294 B 96ms
39ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:19:47 GMT
x-content-type-options: nosniff
age: 676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Jan 2025 15:19:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F58D 604 B
918 B 95ms
38ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:14:08 GMT
x-content-type-options: nosniff
age: 1015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Jan 2025 15:14:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Image
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=2705841449234201&bg=!gYKlgs3NAAa8BdJLnAU7ADQBe5WfOF8wWomnLV0PjCYBKHEetGnLUKkpGF5fY8H_KPJTkTlPcsT9Vf3zpn-Icdb-iOm9AgAAAHdSAAAAA2gBBwoAVYaLvk_-IxBazZUORFWYW6ZNgbeWG3w5HtGC5AmlxgQ6i0ubEw4Z71aYGhYeHfO-6O5M3uIj3D9UZax02qj8BnViwYQ6u0jKXcKwwsBlc9oph5GJ8biZAt6yProkFz_lusoEphciyGC5loFQCoWMVXp2-h-O7sEFPkL2ewd5OSMknn-nISkKHjHvC1g6NByMS5pkG-8zSZ7ZUqeunxpZXeQ_YA9sokEB6HQ8Fu94hxc6KG4gnWu6njrKGxfX9sN0JLU-AjOnJ6gKJRTcykdQQ8hSD6WU_8E9srCXcxYZDpUeG8kuUiiwYwthktjfH9wM5hwM4UZPu5qHgjgVNt_3XP4FdqL6tAVdv7tOdka1E8RT7tr4bBKO5dnxhkhfDnG5NsrX2T8giwNxPNId_CONq6FvMFNuCXs5avHffUNQC3A6UEK0Zd18-Yy8v4fy5Sa5jh1z57v2DoL8-vpNkpV3pcbjraHWm0edMdFP97R0wq9vaxuVjMrNUsm7clffut_E9-ghy9NFIQbFBYMhb4FT7t6CXlh0ux9-8Beh3CxhSFPR-3iGhGL2m5HAh5Cg-y-TcuKsOFNPcMoN_FjQx0wMS-Vs994BEPm_WIHU5NjBkr4NE_0T5oYkQIvE6c8iKj3Cz7jBsyJJ5D5hSoUPuEm356GaFtc0p_qzEnkHNhzecovCOAPtIHjPIS-iXxxanwI-QnHvafJkf0irPTnoynzY5oy9lELIMgvKssWv1Pt3sl5uJPhKVRcBXK-RNCdzAwaa3ua30VG3-tbQO32kA6LSOV-iis3QHjjK8NWgYZGCU4TpwgXOZatVHg2D-2_DszmQ-knDriDiBLiG2GZUvntEEa8RRyLCkvgqvZdfredzDJwJ-La-oitpkDuQarPKHkqsxc9ajVLvYhXGyEKJZ-8NjjOg99V7f_KU3YVjPfIP-9PLYATNKWOVTg_pHf5XVofO7X0S1DidmlD0C3-g3a3UjuarkEb-pMtDVSHjwAsMtilbMl6vbpMjpvG8PdK5nQVjEorPRqzHOlQbZMGd26WoKOy2XJ415gWMfeT9UHunpJgg3Or1xIiJV8L6FDDuB610Uu0p--bxUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B29 50 KB
19 KB 30ms
29ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: govbenefitsusa.finanzaspersonales.info
URL: https://govbenefitsusa.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 17:40:16 GMT

GET
H3 200 container.html Show response
4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E38F 6 KB
3 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:03 GMT
expires: Sun, 19 Jan 2025 15:31:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E38F 23 KB
9 KB 31ms
29ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:23:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E38F 8 KB
750 B 42ms
40ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 14:16:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 15:31:04 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame E38F 15 KB
3 KB 117ms
29ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:23:54 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame E38F 378 KB
132 KB 118ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:31:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E38F 20 KB
8 KB 30ms
29ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:12:23 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
45 B 413ms
134ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrm88mlg&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E38F 15 KB
16 KB 25ms
24ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:10:00 GMT
x-content-type-options: nosniff
age: 94864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:10:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E38F 15 KB
15 KB 30ms
29ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:24:38 GMT
x-content-type-options: nosniff
age: 93986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:24:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E38F 0
20 B 155ms
154ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cy2_ON-erZfKLKuyQo9kP09SWyAXfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnujovApIwQyAEFqAMByAObBKoEogJP0OVMblCCo-lCIIwoivuvj6BDk8qIMe2J8yuyDEQorCh8cECmWc7XV15FZt8EKqvo2RU7UsIytQQU_FG8ALpVs_tg8VqcoH-g9URbzF6-WDnGDh_w9Gmf_ACVTf-OKCczrqyxF8CRtRWtlURG5TfUne27qw2kLcWyrRUKLSWclgKPNtaCz_IEr0ldWPpPxSKsOy3vBmqTrE2gGUDqsUziqqOVo_3bVJNcXo0RJ5x2S-df3aDr4Kf_42rYy-3V2pw6rahqe9HiqWubjegHAaO0jwFrLOZmFrcddWJWXQai_8KsVW4LmlGU9iUIMTMsnqSE59GRjx8eCrGFS6kpOlrU6yKQDV-d-t45gEtkmYkyIDeFCv1z89DiPuTyc7z9pPuFe8AEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljYk7HGpOyDA4AKA8gLAeALAYAMAaIMCCoGCgSsurECqg0CVVPiDRMI5MWxxqTsgwMVbMgoBR1TqgVZsBOwiYgWyBORsI3kA9gTCogUAdgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1705764664435&ai=Cy2_ON-erZfKLKuyQo9kP09SWyAXfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnujovApIwQyAEFqAMByAObBKoEogJP0OVMblCCo-lCIIwoivuvj6BDk8qIMe2J8yuyDEQorCh8cECmWc7XV15FZt8EKqvo2RU7UsIytQQU_FG8ALpVs_tg8VqcoH-g9URbzF6-WDnGDh_w9Gmf_ACVTf-OKCczrqyxF8CRtRWtlURG5TfUne27qw2kLcWyrRUKLSWclgKPNtaCz_IEr0ldWPpPxSKsOy3vBmqTrE2gGUDqsUziqqOVo_3bVJNcXo0RJ5x2S-df3aDr4Kf_42rYy-3V2pw6rahqe9HiqWubjegHAaO0jwFrLOZmFrcddWJWXQai_8KsVW4LmlGU9iUIMTMsnqSE59GRjx8eCrGFS6kpOlrU6yKQDV-d-t45gEtkmYkyIDeFCv1z89DiPuTyc7z9pPuFe8AEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljYk7HGpOyDA4AKA8gLAeALAYAMAaIMCCoGCgSsurECqg0CVVPiDRMI5MWxxqTsgwMVbMgoBR1TqgVZsBOwiYgWyBORsI3kA9gTCogUAdgUAdAVAfgWAYAXAegXBQ

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
54 B 396ms
133ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrm88mlw&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1a7&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E38F 27 KB
17 KB 155ms
63ms XHR
text/xml 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ANbxsM417kmBR7xhbB15_Vsj06AoZb-rIsyOJIztIMLn-cFkCg8TkXKYqF9PC49rV6pEiHGG4FN8An-cwzYRmMnO0XrQ&cry=1&dbm_d=AKAmf-C3wGgtarlC4wL4iQRgaAZweiJ2TIx1vnym8RtCO8_QpQolH2_oJzzlfH_fNc1T-ehq5qaOpNDhXwGmeuebIGUj-Ba85V_X1aGlJwlzn_P84EVbWne2krURHPBy9UrZEN1XItyIfIUMaQdoG3wcsAUR71cSHr46ry7g7hfB5q95IuXKQBkyeaG-7DDb2kWn2eGHoxyPVT94Jz3V6KBW_2rgOHCajCEx5BIdt_BVd6cN9tG-iEeXzpLOB_TdyyV5TYCR_rnJ1jhFcqdhXRDN4c8-o5U-tVdtLQZxBxaL__Xi6iCuI8zo_DaE42lz6Hv9UKjo4uribxQFFHT8mdgQg-CGZuyFauMaDP-r7tgxDNHH5ZnuqB0AqivsNukfNvCNJBukivCQ0i-tH3MfyDzfv4aRHXahOsSLb8Ct_RVDhuZrX4YwnQTthDgp6EmM2OGO-uwdQLNC_zb85QDA7IUQNdyBVbL3dIP3kMDjp4QvprnJxsyoAhiX3zoQvia3MtfVQ6EkUXUKCHPtFF5EWNqcoPOUsWFEu9UP_RrlNzXRl90LqA_tHwCXAZwDphtuR15SgNl60L7WexvP0lBTg0CD4SczNYcAzHBs6LDsyb1ymWBWqNqYuAriKCJk1fq-M_13TaRCFs_SlbV7H69JClos43Bc7HGWLHyxdTPcVagFwrMzFE_MIEEjh8gA5h_sxj-EQ1XiSyxqhPbD7wxhMuRgVMNNUzq0F4onmuYQAaTyf8RUZfriHRNFLo8OOUF2R0deYK6GI5S_8xMM4vfknDAHvsdnRUEB6VYqboa128JTx1OA6w0i5GEaPNIOSc-HHXtPK-V06fhEUiU4_XF9n0BcLPJ7gjyL61X8QQaPu9OmzdGIUEHAL-PT0Z66FrnzYCXuE6lvPrtAt0ouu4d2qpjTUiuJd4F17nST_iLGfSt3QbTToRRcCxTSKc29aKptq1ASR4cesNtIckyqrvRJL0pYrD26sA8WEQppArfXpmgV7C0_F2J4VSURi5ShSLIzmb5IEEW_2-LpDOB65opomTWqrxxMEDfE5YgC8YkMNNq6iByqFTVH2Cx1yafi21oV83wXhzOhk65StXV60luoLloqcvYV1jjJXZkqZXXaSqnA9QWY0qzgOc6qj_hrjh1_uBsW5-0O0TKwOrUzddc-pVMH0Rpu8QrL0lhzDIVZGDX7o6wMg0B1mH4sZmsjh27XRKLCg7fMb9P3I95sZeqskkDxubWv2l6dgZOCv6PkTDo8f_6tHlf5ocJefCo5F8n-oEtV7UiotYNU4Y9rTa3yGZk6dM6c1YoNLQ8L9XFXOnGuz6c7SIpLMHKtnukg7Yx8sRlEvcjcOC-SK2sYmg7bERyxvgfU0xXkNI0cXjZhOawgQYnmpNzJ-1hlNsFdPbN6xvUcpH0sECYkcgoxxf2YZdSWfVebYfulRf5ew76DwjB5yfn28XgOjmhLhDlwvF3y4o22fLGloNS25eiUyvq9WD8qqj35AqSCS0Febr7Qhv-fS1YBkslHvaVJrl1AOpifgVR99YnNxowbmwOXMhx_tSz3QRfZT-a6HiXTTsK8e_8JeuKmIY7D4mfHw7XzisF0bKXwen-HiYX6_SmmiPyhAAu5mpB5FwORGVKSSPTTcaLXYTiK-MFgdCMmDMydIgpTh4WBu0pKcTwSPvRMa-xFsuQH8y3ISCLG1lyoRiShBEaXdKrNJuYYWtyXoTd5gamr59PzDdAzU7VXzoegm3C0hVb41csresOyomJ2rTmKWkgccV1G6GsKI6KB5FzNTrEZ8sRenMoEoA9n9V-WN30q51qmSyE-qusE8L4lrGci9pFh14XBYZ5Pdbqikbp8qCgRtrsDJTy1jcEorKeiWzhb5P_npKtRq0qNmIvFEni7nCmwhmzhyJ-2wuJaybv4JUd1u1KfhXSipKTFbqACRfgW-7kmjMOJvcNUaQYbchIykv9dJRURtE0HqOi5J8f8707Rw7r6KRvmy7B3hDxBWUfa0em0YSrA49widHVFDV0e1Y5MQK0pj4-12-X6hwK0Gbi55A0e5PKX6XsY_yaJ5Egth5py4PRpbyAwzTI0NHMlVWztl-at4pwTyusbNkyg53iiRWeznTfY2hRfBrWIWZe0acHPIPavLWy9no3x4DOButhgVQv13VHhZkglwhP6i9WcHWnBW-CrGQ1odJ9_UHpTfexN4h19aKiG6ds6H2EZbG4iATi8m3p3XfV1DeDtfvMLjcyOslwX0iEkcs56SyviE3rjZiGNYdTP_OrlbBvYALkzHtOvbvQA1zGVP0phoGvjLyndnMdw_xG8yKUn-YXNXw7nes1QPHUR7FfDeRIZccWi1lTfNhXKbyxVYtwe5cO7_iJ7z8sy3nQkwzo2L9h-KtcAtE3WlQJZi0yAYvt7AFUUL_wH6BwOjWU9n1kwwTdBKUPqW-hO1WHLLNaiNNyBu28JF43LP8xsULscRcXijjgZWahz-g7K7zqGfDPDqzdheCtl0qXrSEFqzbsHNiaMk3LVeBVclpAynzpOZpia5sTe5GfYGEepwSI3fXD8nYJAJGx4EZcg7IC0yEke52Rw0OleodUEVwvRxvAhEF0yjWcLx2ts9LnfO66FaVfPaEtnYrDvKOoAYs7r6COy0ZSqpy9sZoreZjN8NHOOzy4myWWTG9nPM5hylbLAzJi9XpImUYf09SYZWRCs2n1YZIVxwSMzVYzwn2lIjmNBq_gEUh6qEAudqn5VF5gsEromgLYVMpzfbdmQWmO0ajE5urylsDikfC10WI0cHH67mQeO6coa8KJD6m3SeqzEUW2zay4k-ahptbTfPmcFsTuWRCezPY9lTywp83_uwFze_Y3JWgajxr-aHBVd-7jtRvzWXlrBApfYRDjxwXdFjvtaUJMAtYUAgQUYQbF7ZSvJ8JJ9XD6uJYAUc03UZ3e8Ft-T8yhN-tRFkVDCyWLJ2FbnyzU1oQb6nQqJDe4NvddSZkaPvELQZ2poHXQiOoUlMljpEbLmDyMqgaNi6POUUwyIixhyksqwkeBoXzJxC4C3HH6eSk5H3WXimIym-b8y_Sx8Yhw7zhw9z4SD1oPPFED_AiSk_MCtzlD9s7V9i2PtrI08Cj1o7AQAmynSvKSqn2_BN8zW7hRlMk35oDMXa3Ncqu823x-_XW1v060Jz9hRm_3dpvdu_0VRjfd9lVa7JoqOkwYdqBQ16gsyADMVmopEn8rziFtV32xKpWMwhBImzV8HUB4n_3EBu9iME5NgYh4o8YCGPfDZfROb_OOcbUVi9kDcUhXJWNwYjtmadbsHyYFu-Ovp8Q7EQiwSrr2MZ0qrhNxPrdLVsTrsLu_IpWH8oQCnd-qDz47B8Arn7Tt0Dm5IreZqitUXiUCkMPt86sechBShunRuTKJbp2-PGLB8abAa0mg1hhUYgpparFWC1OoG9g0g16eRSEC24q4RurBuOSK_CE1uompYCxa2o5C4ZUD6o2ytEZyOXTHq1xfs3n18niCAWgJvAIkjBI2dVW0z5latQXjke1z6Rqz7gRI4nT47AqXMU-uvLsvG31ZRC0iCgx4c4IVnQosSBO0L6zFbv1hG7wYC1zvWhos88qrYIV7V2bl1GIRdWIy9KY-bU66sQwGHPuI3naeP4PVc4AZrc6gKBGxmV3mMMVPyWL90fLuD86ws51QGKjXpCb5uxBgxX1YrqbkA-QSK8SCB7NTDKlaVkqyoEuDf9xkmh4cMNm1pQZV5DcF_o6g_cLndXV2f-VuLWtoCZdavi0fVVIOxBGmQa0uEuQOSmyPW0S5C04qpvjH93vdToDaivOSPSgSzYJAaQYU4lij3FhkS5GCN41PT59TJDIk7aFzhTj0YS4QjanM3HHdWPCQGArkQ3OZJOzkGHvVNh4f4YoUJFQkdB1_Up-aT7FSGYWZPbHLlgClkoHdLhjNT0xUoDt6aX1zppkUqC6_tXZiHiGvBsIDLvOieDJ1s9jlvW_Nx&cid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHObhezuxHpjUqF9j4XS1CunRg0L_PcNi5ii0uhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

cafe /

Resource Hash

8de61c844fb31c7dca04c04d96ff0fe4440d78f5df1adead4d2f3597e875c5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17047
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E38F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e8b12d0dee9e000bf08f151c98ed08a3ce719a5ac280f7b235880a19dc01863

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A978 6 KB
3 KB 32ms
30ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://govbenefitsusa.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:03 GMT
expires: Sun, 19 Jan 2025 15:31:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame A978 9 KB
4 KB 33ms
27ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:31:32 GMT

GET
H2 200 72dec243480e04519e6bebe1d06b7773.js Show response
www.gstatic.com/mysidia/ Frame A978 42 KB
16 KB 34ms
30ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/72dec243480e04519e6bebe1d06b7773.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56485b7e76e03fe9b013955a1dcd62877d450051c2ea16f8ed49f4937fe2bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16639
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:11:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A978 2 KB
823 B 35ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:04:47 GMT

GET
H2 200 225b41ed88c62531366cf4cb1e3af510.js Show response
www.gstatic.com/mysidia/ Frame A978 23 KB
10 KB 45ms
42ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/225b41ed88c62531366cf4cb1e3af510.js?tag=exit_2019

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38dc2783a703ac49c516389fb9e87bdcdbc427fdc643d7e9db0666fecf8e1f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9756
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:11:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame A978 23 KB
9 KB 35ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:23:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A978 3 KB
1 KB 38ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:15:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A978 20 KB
8 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:12:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A978 206 KB
65 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:31:04 GMT

GET
H2 200 0c5a714edd9118dc9a192723ed81c7a6.js Show response
www.gstatic.com/mysidia/ Frame A978 37 KB
15 KB 38ms
28ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0c5a714edd9118dc9a192723ed81c7a6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15431
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:26:35 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0081 42 B
64 B 93ms
92ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4OsBbTt8-RvW52waO6y6Rd2ObenGKFY7YxpwBxccvPNGPXJ2wV7lEde9XUMSomVDnVzFB-lyFe10AoZ0QxnLxhQ_gd9TPBeBYmkBlUMU591aFPqXx4SyhNJecyEY9qmDV1I_-xNJSz1x1L44EjpLePi2C&sai=AMfl-YTxDjVsoypawZ2jGlbwmDTms28EcjKlt9C_yZsLoz1e6FDTjfePyvTRwGfYtj3JFfyJRKxY1ythewixKP5qd3jbmYjKMcS8IKMSCgV-Gjq7CRW4R5zRmWZzPwLhfocH-crL1McAp9os0BqYyqye&sig=Cg0ArKJSzHh48qWSE-RiEAE&cid=CAQSTgAvHhf_piG6ooEWNgHHp5UOgXPpYNwYJ-oQ187hRZ-xQHur5F-TaaswOhxdScwcKQgRtVdUpiIRffSzh5w8wAh1zgUeQCnJQr7H_7nP-xgB&id=ampim&o=632,227&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=259&tls=1260&g=100&h=100&tt=1260&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://govbenefitsusa.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E38F 0
0 117ms
117ms Fetch
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdZDON-erZfKLKuyQo9kP09SWyAXfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnujovApIwQyAEFqAMBqgSfAk_Q5UxuUIKj6UIgjCiK-6-PoEOTyogx7YnzK7IMRCisKHxwQKZZztdXXkVm3wQqq-jZFTtSwjK1BBT8UbwAulWz-2DxWpygf6D1RFvMXr5YOcYOH_D0aZ_8AJVN_44oJzOurLEXwJG1Fa2VREblN9Sd7burDaQtxbKtFQotJZyWAo821oLP8gSvSV1Y-k_FIqw7Le8GapOsTaAZQOqxTOKqo5Wj_dtUk1xejREnnHZL51_doOvgp__jatjL7dXanDqtqGp70eKpa5uN6AcBo7SPAWss5mYWtx11YlZdBqL_mq3Pm5gIFgZq4vIb59aEBRLPdgeWxakTaxqQpAFnc8x03D8UhQh88ReY5eAXoZWUsaom5e0AMsjq61n6bsQ2wAS_no3s0wTgBAOIBYGhvuZNkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAfOpYHyA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEMOGDBjSuf-BAtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY2JOxxqTsgwOACgPICwGiDAgqBgoErLqxAuINEwjkxbHGpOyDAxVsyCgFHVOqBVmwE7CJiBbIE5GwjeQD2BMKiBQB2BQB0BUBgBcBshcfCh0IABIUcHViLTk4MTc4NzE5NDYzNTUxMTkYkoqJAegXBQ&sigh=uDc23qM1BbU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHObhezuxHpjUqF9j4XS1CunRg0L_PcNi5ii0uhgB&vt=10&cbvp=2&vis=1

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 151ms
91ms Preflight
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 15:31:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 175 KB
38 KB 51ms
50ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/72dec243480e04519e6bebe1d06b7773.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369d2e4ebf001115ee1082814e24088745efe67bee9b4efaf16a3cfd4e84bb68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 15:31:04 GMT
expires: Sun, 19 Jan 2025 15:31:04 GMT
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
234 B 219ms
132ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrm88mmd&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
dvrtr.innovid.com/v3/ Frame E38F 20 KB
4 KB 275ms
171ms XHR
text/xml 172.64.151.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtr.innovid.com/v3/vast?_media=1&ctx=23056155&cmp=184135&sid=4847&plc=3933653&advid=7310&adsrv=118&psf=0&_vast=https%3A%2F%2Frtr.innovid.com%2Fr1.6571f0fe045bc2.35392522%3Bcb%3D%7Bs1%7D%3Fivc_adstxt_domain%3D%7Bs2%7D%26ivc_adstxt_publisher%3D%7Bs3%7D%26ivc_appid%3D%7Bs4%7D%26ivc_campaignid%3D%7Bs5%7D%26ivc_creativeid%3D%7Bs6%7D%26ivc_orderid%3D%7Bs7%7D%26ivc_dealid%3D%7Bs8%7D%26ivc_publisherid%3D%7Bs9%7D%26ivc_site%3D%7Bs10%7D%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3D%7Bs11%7D&_s1=1705764663689650&_s2=google.com&_s3=pub-6021724631432713&_s4=&_s5=20884459649&_s6=541056210&_s7=1015240721&_s8=549644393846647869&_s9=1&_s10=412722566554&_s11=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_PP_ID=3&prr=1&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0iPNa5JHt91iRYOQjSIVN5F&DVP_DBM_1=INSERT_DBM_CUSTOMER_ID
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404d7e13e481f6694beadfae34169fb618cfcdbe80134074c42bfae1b77bef04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84885cc2a87336d2-YYZ
link: <https://s-static.innovid.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://s.innovid.com>; rel=preconnect, <https://rtr.innovid.com>; rel=preconnect, <https://tpsc-video-ue.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad.doubleclick.net>; rel=preconnect
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame A978 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d0acf02cb63d3f31b60c5dfad1baf60ae5573b8d3def9eee6086cd63f24852

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 146ms
146ms Preflight
text/html 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CNVcEOOerZdjPBPaYo9kPofyS8Ayyq8qvddat2M7_D7CQHxABIKvKg5kBYMnujovApIwQoAH89cD_A8gBCeACAKgDAcgDSKoE1gJP0IFngrKcKCsABUgueGNvor8JFWvtUaQIWAu8W0aTromxBsHuYBrb7I0XumxNtRz38F2aYap2sEdSXh8zAi0aWngCkdfqKWepStqazgiKYwLTKFY4jGvMFaF3I22JkbJr3lDmWZb3CpcSif27d-LWyK0B-k05eXrJ0Ho-Guurq6K_i851O99c6Kz21CAzbDQs1rmRLn5XA3Owcyf6oaVwE8kpYeLtZvWTj0HbhXFnxfUrX2xfp-9pECoHkGhrzFcV5uYQzng5_v15QMUhlTP3bsxn1WBX15X5oHgDKnl4A4DRcK-FEkw7gNeu8VqdS3EEEjbNGcZGl3k8dF_CRz0KK_oMdBYXWEHKObuFn_moFCZ--ewMeG_V7gi1Q1Pd-RXdneGhOCznXKchmsh9SKynBYAuhpnin05GxQwIG58iWrYi0g6hIpQPxcvDoTfAj2lRc5cD-oLABPrjzZq2A-AEAYgFx_WvtiCSBQQIBBgBkgUECAUYBKAGLoAH7Ik_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvaZB0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj9_7TGpOyDA5oJQWh0dHBzOi8vd3d3LnBhdGlvZW5jbG9zdXJlcy5jb20vY3JlYXRpbmctdGhlLXBlcmZlY3Qtc3Vucm9vbS5hc3B4gAoDyAsB2gwQCgoQ4Nj0vZi7vLodEgIBA-INEwigrLXGpOyDAxV2zCgFHSG-BM7YEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItOTgxNzg3MTk0NjM1NTExORiSiokB&sigh=GXPUn5p2yXY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_EQf33UvCsgG21xIG11ixDZE3JIUFGl8R8V-XFyytz0vaMU65djbF5QmXC4_yDeDS0zM1Cnp96PYkG-xpC3lgEU_4ar_pgSpHBhgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 15:31:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A978
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CNVcEOOerZdjPBPaYo9kPofyS8Ayyq8qvddat2M7_D7CQHxABIKvKg5kBYMnujovApIwQoAH89cD_A8gBCeACAKgDAcgDSKoE1gJP0IFngrKcKCsABUgueGNvor8JFWvtUaQIWAu8W0aT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaed87d6c27ed8f4d0000000000000000%22,%222%22:%220xb01ea8645abf8f30000000000000000%22,%223%22:%220xf18090e...

0
0

153ms
90ms

Fetch
text/css

142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaed87d6c27ed8f4d0000000000000000%22,%222%22:%220xb01ea8645abf8f30000000000000000%22,%223%22:%220xf18090e1362aa8540000000000000000%22,%224%22:%220xffbbd7dd54481c330000000000000000%22,%225%22:%220xf335c7449d5429370000000000000000%22},%22debug_key%22:%2211382680165283127741%22,%22debug_reporting%22:true,%22destination%22:%22https://patioenclosures.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072708348%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229306884146658423025%22}&andc=true

Protocol

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xaed87d6c27ed8f4d0000000000000000","2":"0xb01ea8645abf8f30000000000000000","3":"0xf18090e1362aa8540000000000000000","4":"0xffbbd7dd54481c330000000000000000","5":"0xf335c7449d5429370000000000000000"},"debug_key":"11382680165283127741","debug_reporting":true,"destination":"https://patioenclosures.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072708348"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"9306884146658423025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 15:31:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xaed87d6c27ed8f4d0000000000000000","2":"0xb01ea8645abf8f30000000000000000","3":"0xf18090e1362aa8540000000000000000","4":"0xffbbd7dd54481c330000000000000000","5":"0xf335c7449d5429370000000000000000"},"debug_key":"11382680165283127741","debug_reporting":true,"destination":"https://patioenclosures.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072708348"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"9306884146658423025"}&andc=true
access-control-allow-origin: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65E2 16 KB
6 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 20 Jan 2024 16:04:46 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65E2 34 KB
13 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:07:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 20 Jan 2024 16:07:17 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 147E 50 KB
19 KB 30ms
29ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: 4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
URL: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 17:40:16 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 65E2 50 KB
19 KB 30ms
29ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 17:40:16 GMT

GET
H3 200 pic5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 6 KB
6 KB 34ms
32ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/pic5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a962ecde95a44a0836bc141bc62ba9d694847744bee815656502611067968897

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5908
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 15:31:04 GMT

GET
H3 200 Responsive-ads_336x280-family.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 13 KB
13 KB 56ms
54ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/Responsive-ads_336x280-family.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af1392b7898fe925fd3d1a0baecdb2993b4a88336ce002c451c7066e68305ace

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12921
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 15:31:04 GMT

GET
H3 200 Responsive-ads_336x280-dining.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 15 KB
15 KB 50ms
48ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/Responsive-ads_336x280-dining.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c5cbbe5e768f321dbeae20fc846ee567ee176b828e625b971f8834a99dddd2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15301
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 15:31:04 GMT

GET
H3 200 pic2a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 14 KB
14 KB 44ms
43ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/pic2a.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74939134d6d02d23c1bc17a8b80016ec7b20cdffb2676695f487d19c7e6ed61

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14193
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 15:31:04 GMT

GET
H3 200 Responsive-ads_336x280_lead.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/ Frame 65E2 12 KB
12 KB 60ms
59ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/Responsive-ads_336x280_lead.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f55d7887254b4294233a4e5eb73bae11e43014466dc85e267cd584e83ebea7df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7992368500864383828/NewAd-336x280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11790
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 13:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 15:31:04 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
54 B 133ms
132ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrm88mr8&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&vmfc=13&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E38F 41 KB
15 KB 30ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:15:59 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame E38F 453 B
594 B 34ms
33ms Image
image/png 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6021724631432713

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sat, 20 Jan 2024 16:21:04 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
54 B 133ms
132ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrm88mz0&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=1&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.1n0~atrd.1nb~videopreviewvisible.1ne&ua_e=1&umsem=0&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 19_source_184135_960345.mp4
s-static.innovid.com/media/encoded/12_23/691297/ Frame E38F 35 MB
0 114ms
29ms Media
video/mp4 23.56.163.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-static.innovid.com/media/encoded/12_23/691297/19_source_184135_960345.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.163.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-52.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: y225.D.VW8QrPb75AnbTLOz1S2fW1t1l
Date: Sat, 20 Jan 2024 15:31:05 GMT
Last-Modified: Wed, 13 Dec 2023 16:38:15 GMT
Server: AmazonS3
x-amz-request-id: NEETQZ3GEQ5GE9N3
ETag: "44d0ee8dbde7ba2f13390898afcd2d20-2"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-37903296/37903297
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37903297
x-amz-id-2: fsz+kA64/3x+vg0aZxUbZHP/8FufysXnEk+Y9aoTXB+sIKlBpkqW97BB9iLyI3XC6jItn9DuEyA=

POST
H2 204 csi
csi.gstatic.com/ Frame E38F 0
54 B 134ms
134ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrm88mzg&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fdvrtr.innovid.com%252Fv3%252Fvast%253F_media%253D1%2526ctx%253D23056155%2526cmp%253D184135%2526sid%253D4847%2526plc%253D3933653%2526advid%253D7310%2526adsrv%253D118%2526psf%253D0%2526_vast%253Dhttps%25253A%25252F%25252Frtr.innovid.com%25252Fr1.6571f0fe045bc2.35392522%25253Bcb%25253D%25257Bs1%25257D%25253Fivc_adstxt_domain%25253D%25257Bs2%25257D%252526ivc_adstxt_publisher%25253D%25257Bs3%25257D%252526ivc_appid%25253D%25257Bs4%25257D%252526ivc_campaignid%25253D%25257Bs5%25257D%252526ivc_creativeid%25253D%25257Bs6%25257D%252526ivc_orderid%25253D%25257Bs7%25257D%252526ivc_dealid%25253D%25257Bs8%25257D%252526ivc_publisherid%25253D%25257Bs9%25257D%252526ivc_site%25253D%25257Bs10%25257D%252526ivc_dsp%25253Ddv360%252526ivc_dbmtoken%25253D%25257Bs11%25257D%2526_s1%253D1705764663689650%2526_s2%253Dgoogle.com%2526_s3%253Dpub-6021724631432713%2526_s4%253D%2526_s5%253D20884459649%2526_s6%253D541056210%2526_s7%253D1015240721%2526_s8%253D549644393846647869%2526_s9%253D1%2526_s10%253D412722566554%2526_s11%253DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%2526_api%253D%255BAPIFRAMEWORKS%255D%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%2526gdpr_consent%253D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D%2526DVP_PROG_REP%253D1%2526DVP_DV_TT%253D4%2526DVP_PP_ID%253D3%2526prr%253D1%2526DVP_DV_CT%253D2%2526DVP_PP_IMP_ID%253DABAjH0iPNa5JHt91iRYOQjSIVN5F%2526DVP_DBM_1%253DINSERT_DBM_CUSTOMER_ID&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 166ms
91ms Preflight
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 15:31:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C4BA 23 KB
8 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 84076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 16:09:48 GMT
expires: Sat, 18 Jan 2025 16:09:48 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame C4BA 39 KB
15 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 15:00:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4BA 0
20 B 92ms
91ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWhtMOOerZZKjI8mJoPMP9YC_qAcAAAAAOAHgBAI&bg=!vb6lvvHNAAa8BdJLnAU7ADQBe5WfOCGyHs3uUFg_omb-5E8pGoIG1amS6vZ3vkgi_sEffBEmoexocruZQNvLV3ODGV2ZAgAAAFNSAAAAAmgBB5kDKiHY5YoJAVA1ozsjlZeKWpuXOJOlw6__CHmR97lk-gdiuWuVjz5Zw3Y9fci-aXDH5mJzGO8mlbiD8HeMW1Od3CbqWbZWvCR4vBBPGSrxWMxuguXd9FcwscK-fvn0fTtPgS3BLd5mhV3aiNEnlKBTcUSHP07q8SSP_KqPOp8eX4dLayp5_PdEqSLHQqFXOZf-Gp3Y5gCCs69qPGPvMXMSNuA48XpPUB4BNCrEzdWIMgTfiegYJlg4o0pAjmZAgvVpawFFVmQCX5uIDLGu_YnE2MnVH3JUvockGvXBVO2IrNlWrQg_xzDMJw595wrew1uXCM5yT_4iVQe4jn4549_wCyRepE8DJ9D5p2AKEm7DIsaDLnR2jhogxJj_nKuGnPVDyjMQnjyeve4osuAlrO6wgu42OpaBFVO8nO46kBRlvTMmtSYcZfCSgNx_OWhHv0ln1xHwAS1mFl7FTkMcl62TXPJR1LMK4lTnFqo6HVCf5sL3lrPk9xpxo8PQB6ufaa0llrHDiOIO--zAIDr8d5T6COFVDkA1hkk3-tZP0P7M2JybCqS-0ymJMY9Lf1kwC74mdbD6AV_rafLkCDyD6zj0VDkedyFbLEvaFGGbn6DJ66ueIJu5BONZLfuGy8k-yl2MbW5zdTnZa6Su5GmlI3o9M90PU8NX2R9OwVOLH-heH-Hw7GzllZe8X-e4upC_qWPi4clIohAhpaly8LbfBI6RuKf18UUhzsJj_GsSU8uXtkZQTuTk0tR0hDFx0xeXrY4Kbndp7KcMssUQtn3xVaQ1XljHpp6IIeqiKFTAg0zV68OC8xEeQLOtfNSeq8AUcQ_w2KFy2KPKP9mlENf3N4rXNb657FtK97-G1yApQts3pI7hGMYqvLLR3IhMJdSWVY-BSAhdmqfmIm7A8Pn4Yatm6Mrj8Y8_bbNFfomZxQr4bWDzSOXThkb7X17eCeNAytkALLniiGVNV3QGhQuY5NTt3ctB_i23dTfO4xxCb6RBCMAuGJoPuqYrB0WXJn3I3WG3RNhpS7m08Ib5-fiq8FIY0HniD0D5Kzj4zlvkBIFAVHFsRFPABQEAz2TXhQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B31045744.383253085;dc_pre=CJCjzMek7IMDFesliAkd7ioIpA;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7... Show response
ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/ Frame E38F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7...
https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CJCjzMek7IMDFesliAkd7ioIpA;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7...

42 B
347 B

58ms
57ms

Fetch
image/gif

172.253.62.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CJCjzMek7IMDFesliAkd7ioIpA;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705764664848;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1;tpsrc=ima?

Protocol

Server

172.253.62.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f148.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CJCjzMek7IMDFesliAkd7ioIpA;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705764664848;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame E38F
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&actio...
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&acti...

43 B
296 B

210ms
31ms

Image
image/gif

2600:1f18:445b:903:224c:932:a200:6f16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927
Protocol: H2
Server: 2600:1f18:445b:903:224c:932:a200:6f16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927
cache-control: no-cache
content-length: 0
expires: -1

GET
H/1.1 204
No Content event.png
tpsc-video-ue.doubleverify.com/ Frame E38F 0
162 B 193ms
44ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-ue.doubleverify.com/event.png?vstevt=0&dup=204b3b77-a1bd-419e-b9ee-feb417ffe65a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Jan 2024 15:31:05 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 2024-01-19T15:31:05

GET
H2 200 dc_oe=ChMIkp-cx6TsgwMVyQRoCB11wA91EAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCLKD5sak7IMDFWzIKAUdU6oFWQ;dc_rmcid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHOb...
ade.googlesyndication.com/ddm/activity/ Frame E38F 42 B
401 B 178ms
93ms Image
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkp-cx6TsgwMVyQRoCB11wA91EAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCLKD5sak7IMDFWzIKAUdU6oFWQ;dc_rmcid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHObhezuxHpjUqF9j4XS1CunRg0L_PcNi5ii0uhgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOljYk7HGpOyDAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D717753612%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705764665241;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E38F 42 B
108 B 66ms
61ms Image
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cy2_ON-erZfKLKuyQo9kP09SWyAXfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnujovApIwQyAEFqAMByAObBKoEogJP0OVMblCCo-lCIIwoivuvj6BDk8qIMe2J8yuyDEQorCh8cECmWc7XV15FZt8EKqvo2RU7UsIytQQU_FG8ALpVs_tg8VqcoH-g9URbzF6-WDnGDh_w9Gmf_ACVTf-OKCczrqyxF8CRtRWtlURG5TfUne27qw2kLcWyrRUKLSWclgKPNtaCz_IEr0ldWPpPxSKsOy3vBmqTrE2gGUDqsUziqqOVo_3bVJNcXo0RJ5x2S-df3aDr4Kf_42rYy-3V2pw6rahqe9HiqWubjegHAaO0jwFrLOZmFrcddWJWXQai_8KsVW4LmlGU9iUIMTMsnqSE59GRjx8eCrGFS6kpOlrU6yKQDV-d-t45gEtkmYkyIDeFCv1z89DiPuTyc7z9pPuFe8AEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljYk7HGpOyDA4AKA8gLAeALAYAMAaIMCCoGCgSsurECqg0CVVPiDRMI5MWxxqTsgwMVbMgoBR1TqgVZsBOwiYgWyBORsI3kA9gTCogUAdgUAdAVAfgWAYAXAegXBQ&sigh=vtF6i0616kc&label=part2viewed&ad_mt=5&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D717753612%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705764665241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame E38F
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&actio...
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&acti...

43 B
295 B

210ms
32ms

Image
image/gif

2600:1f18:445b:903:224c:932:a200:6f16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927
Protocol: H2
Server: 2600:1f18:445b:903:224c:932:a200:6f16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705764664848&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 uuid
rtr.innovid.com/placement/1e847t/ Frame E38F 0
215 B 227ms
32ms Image
text/plain 2600:1f18:445b:902:69fd:1977:65d1:c078
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtr.innovid.com/placement/1e847t/uuid?cb=93eeb72d-135a-f9bc-b8a0-a83eeb538fc2&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg%26iv_geo_dma%3D514%26iv_geo_country%3DUS%26iv_geo_city%3DBuffalo%26iv_geo_state%3DNY%26iv_geo_zip%3D14202%26iv_geo_lat%3D42.8867%26iv_geo_lon%3D-78.8927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:902:69fd:1977:65d1:c078 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
cache-control: no-cache
content-length: 0
expires: -1

GET
H/1.1 204
No Content visit.jpg
tpsc-video-ue.doubleverify.com/ Frame E38F 0
162 B 203ms
56ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-ue.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=23056155&cmp=184135&sid=4847&plc=3933653&advid=7310&adsrv=118&DVP_PP_ID=3&prr=1&crt=1gs8ig&dup=204b3b77-a1bd-419e-b9ee-feb417ffe65a&dvtagver=dvot_2024-01-19_3c66a0270_45ec3c9&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0iPNa5JHt91iRYOQjSIVN5F&DVP_DBM_1=INSERT_DBM_CUSTOMER_ID&vad=15000&vmftype=video&dvp_cfbs=99&dvp_infra=cloudflare&dvp_zjsver=0.21.19&vstvr=2.0-i&dvp_media=1&dvp_psf=0&app=-1&essd=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Jan 2024 15:31:05 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/19/2024 15:31:05

GET
H2 204 /
vtrk.doubleverify.com/ Frame E38F 0
184 B 131ms
38ms Image
text/plain 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=204b3b77-a1bd-419e-b9ee-feb417ffe65a&el=https%3A%2F%2Frtr.innovid.com%2Fr1.6571f0fe045bc2.35392522%3Bcb%3D1705764663689650%3Fivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiyg-bGpOyDAxVsyCgFHVOqBVkoATABOK3b5MOJEkACSAFYiIQgENK5_4ECX83p3lk35cIvf9W4_6NBYg&ea=impression&cm114=1&cm115=128&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=118&cd188=YYZ&cd189=cloudflare&cd190=23056155&cd191=184135&cd192=4847&cd193=3933653&cd194=7310&cd196=1&cd141=%5BAPIFRAMEWORKS%5D&cd142=2024-01-20T15%3A31%3A05.251Z&cd143=2024-01-20T15%3A31%3A05.251Z&z=63621918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 15:31:05 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84885cc678256aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E38F 0
557 B 216ms
134ms Image
image/gif 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQ-W-4auAKY3pDMLsyR90LkLEeYXNvUc1Yg_B7BioVloPlx86RTBFnIAEinCgFkErAyWOhn6xH72UNexs7dEYsh9IfMboizTJx9EFPkmGRv55tp5hpk5UymE9R9cCI6XY7NkeLeNDM3UENQefu9jgmQdtYQTtVniRuWwVMHmZrwD0k4a2Juc40heocNitEjXI7iUPk9ahmxFYN5SG8LWdi7OaGfECZCskZJ_9osY-0vvf_VaLbwmbIDKdCxHVuExgvqTVFIfMELYVGFdZmnDfeY0Vx7t6_v5sC16yGDnwDAWCaBJQ7tPsffVWo5MAPwfpSdJBm-dwU_qvnqC1BiwLYOU2leUtF9IbCnOXg--ICZW83E4VURmC3UHS5f5Af3fPgmYxm6ng7MpcfbDutaG5uVmMyy-JTqIrxxtZqXrC9wvtbOynvzm9dp6u05p063usXcTJEzgcGR7zfUFXly8ohSkEZ3yWJo1P8S_dYApPlOro2q81K74wJ2tduLWYZRrRh06LyCbktjXWCY0RsZyyzQe9-S7RvdUH1ypTHzX6A2FVmzj2n70pQv49wddL3kVcAQESJehJU7aJsvtEKVJkYDZZbLLogclRRuBl4jQQjnbvMzeCIRob0zat94Moc94L7p90Zmgn2cl4BrMnIirDW07opRoXlrKX1j3yTX48IgAKNBjJj0FOsD_-rPOdCHoY09lPw-K-aMijZ8k-WGa1PypBwgjZrFfUqsQizJES4qHR9wA-ezCSAyknuSJVgc0V0JHbxLnxzaz5xzjeL9JMpbNCtQqmm5l6Y1tTqn3cIzMtqa4cOG3KKR_X2SclI4OF42PKjf7675CjFjof-t0kWj2K696VopMnF0QXy1xCMNBo6KVGPh23gwjIi8Pjocr_aJigNeRexIEFIaSoKKbLBYHMNIv5EJWe8UTilmSLqzBW07f1mgljr7LB6bvNUI171o5AhEZo9PYvw2NXF1VEwsfkiXIqJGGIjFwqAoZHwAhnCbz_XQlMl7KaoX6hh6pJ3YnvxpG9gTX161K0-PiPMf9RTpxz1pC9dxZ8FLNXTG_kAmdZKWoYX-5mVrz6L_m2E9_5HmAb969Cf_cdv9pWBJQzSIk4LC2ycH8N-eatY-IroUaxTY_djk3MuN9g3VcLqQylQBohf6n5u9FqrYYAF627wGq_hC2jOG3iU0Q06mxeybPi8uT7wAwNODnpP8XiXYuVoXuBe_Lk_BHaI3_x3RvDQJlGrix-22hC_E83SLCQ5VZdKSBGuwawtZZ-2auZumnmzLR63mpMJnaD_VslRLbatQf5JNsmBJ6mfz85everkyevKeWH-M5hnBYujvCeEAfwzxGamlJgIbDtPDlJzg6ocM6LP7-Yg5BW8X9NE_dnkIeE5qMM0W791FFw&sai=AMfl-YSKCRw6kcGBwCFheU7uvWKOurcZE5WPxtHG2AbN-OMuDwUEaqC7qrBdMnmgUbW3MFBSALhQLpSTCpL3icDRfIjop6cZK-WNRFtKIklyHZzmq2rHMHAx47iuV3YiAcX5sVVHM5-aH-78XaZwWD_Cu4QG8ItkpiCuKQ1Bs8iMTP_LQGKfIXcXdwTKXLjQArxb_2N8aDTj7I-fH-18P4tHrpvdex8CqrRDEIAUYO_Q80hsYTcZi-dHFPKEV5Jn3FWojc4VrUTPF_fujoC36xqm4M_aRl87gXZIcT1_gB6QPM_Mn2r8El0OApzHcHDmiphO&sig=Cg0ArKJSzJ21OVFimVaWEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E38F
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKHdmZYEEKOs9pkEGNK5_4ECIAEwAQ&v=APEucNXq614OZJWqJKhxjqd0FiOsoqk7zOIfFMtNRcvGG1OMQx9Y9LfW-8VWGpNTquGH0IHip8ncgdVWuNGjWUI8gZz-1k_iy--7ZJlKTCL2cu8dPOF...
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZavnORLbIdB2jXRLjLvObgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMvYrD6ay8Mx4zBSQuoJ4Lg&google_cver=1

43 B
767 B

61ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMvYrD6ay8Mx4zBSQuoJ4Lg&google_cver=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3HHGKSDUbc49XvOySGFWe2KLBuMyj1QRDFThHDL54rl%2BYba2S3zdB2HTUaoug3YXxNkLEDm4szUmD4CGtmIk5wYwJVx9banC7G2cexFRJ3JdKmnevswHq01trpTqfE9GRqsMwjhKQaKbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84885cc87bfb3870-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMvYrD6ay8Mx4zBSQuoJ4Lg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E38F 0
20 B 92ms
90ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E38F 42 B
64 B 98ms
97ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsz2XbEr-McwXLu1o1xi6KTSOKbOd6JCUY2gpX3vV09R2G8WwsIlSZZI1Tk4bJHeCwK2S9F0QEnESsY3RCh6vZm8WYK2a022rWL8lueWFgL3RGrlKGQI2Z2_SRV12VMqIcYLhB8Ddghqw&sai=AMfl-YTK7CmBCudew5P36VTMXYoZiGwrwzlkIp60J5T2_sP_Xf3iMW2m9iSq5m8S9FQEdj3YAQF8zu6nfeg6CHzdy01B3vqKX122KSHgpaUEHXeC3bD_vC-QdWn3asbR6g-p63RPvwoAbQg1cHH6murX&sig=Cg0ArKJSzB19xAMU2vJIEAE&cid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHObhezuxHpjUqF9j4XS1CunRg0L_PcNi5ii0uhgB&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D717753612%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705764665241&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E38F 42 B
193 B 62ms
60ms Image
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cy2_ON-erZfKLKuyQo9kP09SWyAXfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnujovApIwQyAEFqAMByAObBKoEogJP0OVMblCCo-lCIIwoivuvj6BDk8qIMe2J8yuyDEQorCh8cECmWc7XV15FZt8EKqvo2RU7UsIytQQU_FG8ALpVs_tg8VqcoH-g9URbzF6-WDnGDh_w9Gmf_ACVTf-OKCczrqyxF8CRtRWtlURG5TfUne27qw2kLcWyrRUKLSWclgKPNtaCz_IEr0ldWPpPxSKsOy3vBmqTrE2gGUDqsUziqqOVo_3bVJNcXo0RJ5x2S-df3aDr4Kf_42rYy-3V2pw6rahqe9HiqWubjegHAaO0jwFrLOZmFrcddWJWXQai_8KsVW4LmlGU9iUIMTMsnqSE59GRjx8eCrGFS6kpOlrU6yKQDV-d-t45gEtkmYkyIDeFCv1z89DiPuTyc7z9pPuFe8AEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljYk7HGpOyDA4AKA8gLAeALAYAMAaIMCCoGCgSsurECqg0CVVPiDRMI5MWxxqTsgwMVbMgoBR1TqgVZsBOwiYgWyBORsI3kA9gTCogUAdgUAdAVAfgWAYAXAegXBQ&sigh=vtF6i0616kc&label=vast_creativeview&ad_mt=5&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D4%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D717753612%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705764665241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame E38F 0
17 B 135ms
134ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lrm88mzp&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&dm=15000&event_name=first_play&asset_bytes=174858&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1w6~ff.1wi~videopreviewstarted.1wm&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame E38F 0
17 B 135ms
134ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lrm88n8o&c=7392217717434&slotId=3696108858717&qqid=CLKD5sak7IMDFWzIKAUdU6oFWQ&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&dm=15000&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 19_source_184135_960345.mp4
s-static.innovid.com/media/encoded/12_23/691297/ Frame E38F 198 KB
0 43ms
27ms Media
video/mp4 23.56.163.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-static.innovid.com/media/encoded/12_23/691297/19_source_184135_960345.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.163.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-52.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=35880960-

Response headers

x-amz-version-id: y225.D.VW8QrPb75AnbTLOz1S2fW1t1l
Date: Sat, 20 Jan 2024 15:31:06 GMT
Last-Modified: Wed, 13 Dec 2023 16:38:15 GMT
Server: AmazonS3
x-amz-request-id: NEETQZ3GEQ5GE9N3
ETag: "44d0ee8dbde7ba2f13390898afcd2d20-2"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 35880960-37903296/37903297
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2022337
x-amz-id-2: fsz+kA64/3x+vg0aZxUbZHP/8FufysXnEk+Y9aoTXB+sIKlBpkqW97BB9iLyI3XC6jItn9DuEyA=

GET
H/1.1 206
Partial Content 19_source_184135_960345.mp4
s-static.innovid.com/media/encoded/12_23/691297/ Frame E38F 1 MB
1 MB 86ms
28ms Media
video/mp4 23.56.163.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-static.innovid.com/media/encoded/12_23/691297/19_source_184135_960345.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.163.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-52.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2284dd22ed6bde8fd6cc3ff217592be9517d213474fc5fdad4408c7b76399a60

Request headers

Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=36503552-

Response headers

x-amz-version-id: y225.D.VW8QrPb75AnbTLOz1S2fW1t1l
Date: Sat, 20 Jan 2024 15:31:07 GMT
Last-Modified: Wed, 13 Dec 2023 16:38:15 GMT
Server: AmazonS3
x-amz-request-id: NEETQZ3GEQ5GE9N3
ETag: "44d0ee8dbde7ba2f13390898afcd2d20-2"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 36503552-37903296/37903297
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1399745
x-amz-id-2: fsz+kA64/3x+vg0aZxUbZHP/8FufysXnEk+Y9aoTXB+sIKlBpkqW97BB9iLyI3XC6jItn9DuEyA=

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E38F 42 B
64 B 93ms
92ms Image
image/gif 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsz2XbEr-McwXLu1o1xi6KTSOKbOd6JCUY2gpX3vV09R2G8WwsIlSZZI1Tk4bJHeCwK2S9F0QEnESsY3RCh6vZm8WYK2a022rWL8lueWFgL3RGrlKGQI2Z2_SRV12VMqIcYLhB8Ddghqw&sai=AMfl-YTK7CmBCudew5P36VTMXYoZiGwrwzlkIp60J5T2_sP_Xf3iMW2m9iSq5m8S9FQEdj3YAQF8zu6nfeg6CHzdy01B3vqKX122KSHgpaUEHXeC3bD_vC-QdWn3asbR6g-p63RPvwoAbQg1cHH6murX&sig=Cg0ArKJSzB19xAMU2vJIEAE&cid=CAQSTgAvHhf_ZO0-wuRWKF_SkbTydSgKEudE39QphS7rEFj9M8bYJV9Z5NKtfQ-5NBBOjUvEHObhezuxHpjUqF9j4XS1CunRg0L_PcNi5ii0uhgB&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,110,87,262%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D201%26dur%3D15232%26vmtime%3D2174%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2165%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D717753612%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1705764665241

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 15:31:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finanzaspersonales.info/	1970-01-21 03:25:24	Name: _ga_35B7MCN0FJ Value: GS1.1.1705764662.1.0.1705764662.0.0.0
.finanzaspersonales.info/	1970-01-21 03:25:24	Name: _ga Value: GA1.1.1920721438.1705764663
.doubleclick.net/	1970-01-20 17:49:28	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:25:24	Name: IDE Value: AHWqTUm554E0uaL3hEu2SLDw_-CMEJhlV7srNAgJDAVnLA5943Jlx6tIet1BBnRk4N8
.finanzaspersonales.info/	1970-01-20 22:08:36	Name: __eoi Value: ID=930bcbb35a93edc4:T=1705764662:RT=1705764662:S=AA-AfjbZ3O4TLsfsRY8vMyVhtBjp
.finanzaspersonales.info/	1970-01-21 03:11:00	Name: __gads Value: ID=4fbffc4e3cbc3dad:T=1705764662:RT=1705764662:S=ALNI_MZGgQrinLbIN-H5THdal_QdO5BAUw
.finanzaspersonales.info/	1970-01-21 03:11:00	Name: __gpi Value: UID=00000db8b25985e9:T=1705764662:RT=1705764662:S=ALNI_MbywnezcjIEsA__C0ZsqhdUeRGhUg
.doubleclick.net/	1970-01-20 22:08:36	Name: APC Value: AfxxVi4GSD-RZAIUAtOj6zwlsRDZrjRkZQOtzSx757XTOFVaXpWqdA
.googleadservices.com/	1970-01-20 19:59:00	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 02:35:00	Name: CMID Value: ZavnORLbIdB2jXRLjLvObgAA
.casalemedia.com/	1970-01-20 19:59:00	Name: CMPS Value: 143
.casalemedia.com/	1970-01-20 19:59:00	Name: CMPRO Value: 143
.innovid.com/	1970-01-20 19:59:00	Name: uuid Value: d303e050-1a38-499f-b5a4-2826642dd92d-20240120 10:31:04

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773fa77be17b4f276e97fce2b615824.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
ag.innovid.com
bid.g.doubleclick.net
cdn.ampproject.org
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dvrtr.innovid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
govbenefitsusa.finanzaspersonales.info
imasdk.googleapis.com
pagead2.googlesyndication.com
rtr.innovid.com
s-static.innovid.com
s.innovid.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tpsc-video-ue.doubleverify.com
vtrk.doubleverify.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.251.16.156
142.251.163.155
142.251.167.156
144.202.38.65
172.253.115.155
172.253.62.148
172.253.63.155
172.64.151.202
23.56.163.52
2600:1f18:445b:900:a15:403:8688:ca98
2600:1f18:445b:902:69fd:1977:65d1:c078
2600:1f18:445b:903:224c:932:a200:6f16
2606:4700:4400::6812:2aef
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c08::67
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80b::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::200a
2a00:1450:400f:804::2003
34.117.228.201
00cfed1d7680f3a3435bf24ed4286fa745c0b33d78f5f169e6fcf94852b93589
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01d6cb044735b2595b41f26c57c7467aaf6d157415411a3f14111d7160c2456d
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2284dd22ed6bde8fd6cc3ff217592be9517d213474fc5fdad4408c7b76399a60
2379e0b6244ad3d1d60397dd891e76162e818844f401f250b37cd559d9d32090
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2c12b7c5ac5def5e32373c6813eedddc7bf475a620fef61e663c9dc2a5e03be6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
369d2e4ebf001115ee1082814e24088745efe67bee9b4efaf16a3cfd4e84bb68
38dc2783a703ac49c516389fb9e87bdcdbc427fdc643d7e9db0666fecf8e1f57
3a89af5dda7e8114b060dd53c5dfe969b9aaf02642680ae166214825b2b59d4a
3b6a7fa43986140aa461d05336481d98a64e9cc9c9f847e78f301b26e363d19e
3e8b12d0dee9e000bf08f151c98ed08a3ce719a5ac280f7b235880a19dc01863
3ed941a1c358888d5c1f45c82a042da9eda1b136d3d07534644368dbb1272f29
404d7e13e481f6694beadfae34169fb618cfcdbe80134074c42bfae1b77bef04
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fd60c481c3c6904afe3f7ba5199451a9c157addfaada5ec2dc819a4256f4d9b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6fa0333560aff37d8cb4a45408446c3deceb58d1e2386bcdbfeb64c97f71ac8e
75d0acf02cb63d3f31b60c5dfad1baf60ae5573b8d3def9eee6086cd63f24852
769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3
7a39c7e64dfda9becaa2dd54b251aa5aaa6f54b7e24629bcdfb05aa9801e846e
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
829b9c484467473accbd7e2f7501d2ed8cc1511599198f735492cfbf71431adc
89f9926f85c8259522bc439afb5a11c136a5efa1ebf965459e6839f6087e6c2b
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
8de61c844fb31c7dca04c04d96ff0fe4440d78f5df1adead4d2f3597e875c5a5
8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
91c5cbbe5e768f321dbeae20fc846ee567ee176b828e625b971f8834a99dddd2
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98873e19cd0a3db0597c8110f503eaca1e3391ebd830d924c7681a710d9c9863
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a0520951344a0a82548f72736baa2072e965cfdaeb51f397b3a5901b1024a406
a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
a7d698d2fbb3b5f18ce414d0a6f1864d3b5c63b131a63b2b34c533c02abdebd0
a962ecde95a44a0836bc141bc62ba9d694847744bee815656502611067968897
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af1392b7898fe925fd3d1a0baecdb2993b4a88336ce002c451c7066e68305ace
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46849a7e0fd7bdf03ff8d742b44f1ff83d1cbe831b9c9d99e858d644fbc478e
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b
b56485b7e76e03fe9b013955a1dcd62877d450051c2ea16f8ed49f4937fe2bc4
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdbf32de45520329e34c7b4df5185ac8dbc861b468132c31f97fcdcda7e158ea
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ce3471ccd08187d7fe1e76cd7c67d991cb7d15a0a27b8b50b4ea7389520edba7
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
e7fce45202ea02c36b73ac4d1022644320922c5f7c744ad6622be739e03298df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55d7887254b4294233a4e5eb73bae11e43014466dc85e267cd584e83ebea7df
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74939134d6d02d23c1bc17a8b80016ec7b20cdffb2676695f487d19c7e6ed61
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff7284cfbe3166f2c2ce0deea1fdb3402dab7127d2d48610647058f9c082b24f

govbenefitsusa.finanzaspersonales.info Open in urlscan Pro 144.202.38.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

62 %IPv6

14 Domains

30 Subdomains

28 IPs

3 Countries

2949 kBTransfer

41779 kBSize

13 Cookies

0 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

govbenefitsusa.finanzaspersonales.info Open in urlscan Pro
144.202.38.65 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

62 %
IPv6

14
Domains

30
Subdomains

28
IPs

3
Countries

2949 kB
Transfer

41779 kB
Size

13
Cookies

137 HTTP transactions
4 data transactions