www.manyo.xyz Open in urlscan Pro
185.2.168.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.manyo.xyz/
Submission: On January 20 via manual (January 20th 2024, 5:43:12 am UTC) from RU — Scanned from GB

Summary HTTP 113 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 18 domains to perform 113 HTTP transactions. The main IP is 185.2.168.34, located in Newcastle upon Tyne, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is www.manyo.xyz.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.

This is the only time www.manyo.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	185.2.168.34 185.2.168.34	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
29	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2404:6800:401... 2404:6800:4015:801::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401f:4::6	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	() ()
1	142.250.186.98 142.250.186.98	() ()
113	23

15 185.2.168.34 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv85.ifastnet.com

www.manyo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manyo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4015:801::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401f:4::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-aigzrn7z.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com	502 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 googleads4.g.doubleclick.net	147 KB
15	manyo.xyz www.manyo.xyz manyo.xyz	86 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	127 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	139 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r1---sn-aigzrn7z.c.2mdn.net — Cisco Umbrella Rank: 696490	4 MB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	450 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	131 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	556 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	587 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16645	206 B
1	waust.at waust.at — Cisco Umbrella Rank: 42679	7 KB
113	18

	Domain	Requested by
29	pagead2.googlesyndication.com	www.manyo.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com
12	manyo.xyz	www.manyo.xyz
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	csi.gstatic.com	imasdk.googleapis.com
6	cm.g.doubleclick.net	1 redirects www.manyo.xyz googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googleadservices.com	www.manyo.xyz
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.manyo.xyz	www.manyo.xyz
2	r1---sn-aigzrn7z.c.2mdn.net
2	sync.teads.tv	1 redirects
2	c1.adform.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	whos.amung.us	waust.at
1	waust.at	www.manyo.xyz
113	29

This site contains links to these domains. Also see Links.

Domain
manyo.xyz
1r2.in
www.chinatimes.com
www.ptt.cc
ynews.page.link
tinyurl.com
youtu.be
help.steampowered.com
b23.tv
php.s3.to
www.2chan.net
pixmicat.openfoundry.org
whos.amung.us

Subject Issuer	Validity	Valid
manyo.xyz R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.manyo.xyz/
Frame ID: E016729D44CBC0FEEB5CF535DCB0A058
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 7CAD3B265A5878E985784C38489F819A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&adk=1812271804&adf=3025194257&lmt=1705698478&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.manyo.xyz%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729387273&bpp=6&bdt=387&idt=396&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8076524891342&frm=20&pv=2&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=414
Frame ID: 228ABC7E259F61C1E19C71E8265A40BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x280&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729387279&bpp=2&bdt=394&idt=415&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=418
Frame ID: C590DBCF1BBE4ED72C9ED056937AC8CE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=90&adk=1427325708&adf=1800184808&pi=t.aa~a.1301131232~rp.4&w=1200&fwrn=1&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x90&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729388204&bpp=1&bdt=1318&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=13
Frame ID: A087B1D2A9AF3150BE251E6B317962DA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AD88976A870701B4F20AAFA9D04778E3
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: B206F71D18AA893C08FA405386730D91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8713661D4A820E7754548BCCEEB92D3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 7B5DE19F105A87B2FE305705CDA6DA44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 85FA7EA749FA6CC7B7CA8701C9DDFFB2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2FB80D7F897EA73D0D1C1B7BF9026AAC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 85050328E920CE4F608211E3631906BF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

M島艾克斯托特

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

113
Requests

92 %
HTTPS

59 %
IPv6

18
Domains

29
Subdomains

23
IPs

8
Countries

5158 kB
Transfer

6799 kB
Size

11
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://manyo.xyz/src/1705698478357.jpg
Title: 1705698478357.jpg

Search URL Search Domain Scan URL

URL: https://1r2.in/jG
Title: https://1r2.in/jG

Search URL Search Domain Scan URL

URL: https://1r2.in/jH
Title: https://1r2.in/jH

Search URL Search Domain Scan URL

URL: https://1r2.in/jF
Title: https://1r2.in/jF

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1705316626332.png
Title: 1705316626332.png

Search URL Search Domain Scan URL

URL: https://www.chinatimes.com/realtimenews/20240112000926-260405?ctrack=pc_main_alert_p01&chdtv
Title: https://www.chinatimes.com/realtimenews/20240112000926-260405?ctrack=pc_main_alert_p01&chdtv

Search URL Search Domain Scan URL

URL: https://www.ptt.cc/bbs/Gossiping/M.1703892955.A.FF0.html
Title: https://www.ptt.cc/bbs/Gossiping/M.1703892955.A.FF0.html

Search URL Search Domain Scan URL

URL: https://ynews.page.link/W6MUr
Title: https://ynews.page.link/W6MUr

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1702909778963.jpg
Title: 1702909778963.jpg

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1703221102712.png
Title: 1703221102712.png

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1703341688446.jpg
Title: 1703341688446.jpg

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1703098978088.jpg
Title: 1703098978088.jpg

Search URL Search Domain Scan URL

URL: http://tinyurl.com/2d3ed2fr
Title: http://tinyurl.com/2d3ed2fr

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1703063378081.png
Title: 1703063378081.png

Search URL Search Domain Scan URL

URL: https://youtu.be/EQvZ8Swlm70?si=1jcYf1XWSKx9tP5E
Title: https://youtu.be/EQvZ8Swlm70?si=1jcYf1XWSKx9tP5E

Search URL Search Domain Scan URL

URL: https://youtu.be/osWZiqbzKCE?si=sxyRO7KrmML9mGkJ
Title: https://youtu.be/osWZiqbzKCE?si=sxyRO7KrmML9mGkJ

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1690580747682.png
Title: 1690580747682.png

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/zh-tw/faqs/view/4784-4F2B-1321-800A
Title: https://help.steampowered.com/zh-tw/faqs/view/4784-4F2B-1321-800A

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1690789101513.png
Title: 1690789101513.png

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1695603193365.png
Title: 1695603193365.png

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1702712589841.png
Title: 1702712589841.png

Search URL Search Domain Scan URL

URL: https://manyo.xyz/src/1700708904764.jpg
Title: 1700708904764.jpg

Search URL Search Domain Scan URL

URL: https://youtu.be/qW8jTWtSLpc?si=D_eDJGyEXOwZMTY-
Title: https://youtu.be/qW8jTWtSLpc?si=D_eDJGyEXOwZMTY-

Search URL Search Domain Scan URL

URL: https://b23.tv/zsXO906
Title: https://b23.tv/zsXO906

Search URL Search Domain Scan URL

URL: http://php.s3.to/
Title: GazouBBS

Search URL Search Domain Scan URL

URL: http://www.2chan.net/
Title: futaba

Search URL Search Domain Scan URL

URL: http://pixmicat.openfoundry.org/
Title: Pixmicat!

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/whcza3olju/
Title: 2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3hka12rZfyALZSujuwP3bGsqASUy_mxdcSkqZaREWQQASDkn_YGYLuGgIDQCqABh6yVrQPIAQmpAp2Ka-hlSLI-qAMByAPLBKoE0AFP0P7-WmW3PLFxuANeHxAxJ446QZHHp49F7EH7acQve6nK6RhAvOkkFY25JrmXiS7Zcg5re7Al7w-EwWPuXJrEhT0T9wd3jMrp13e4cR4UIaeBdphLUWaJApeNdw5gqtVm4-VAqUClfWspzVx4hVoErr3sYhkkSxSlCweY1LV54VMaiGLDcMwDqplQHGzo4E-YuD2hoP4zpwfYmUJfHdDCI6-k7Zg2QAqrAbHnTqVDLfsHPI-jhVBsuutTxPFuYD44Xo3KEAx7gk0NJ5TwfxM6wASaqt3MsQSIBcSnx4VLkgUECAQYAZIFBAgFGASgBi6AB5OX-qUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgs8G0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WIzJ9JGh64MDmglIaHR0cHM6Ly93d3cuZHJlYW1wbGFjZWhvdGVscy5jb20vZW4vaG90ZWwtdGFjYW5kZS1wb3J0YWxzLz9nY2xzcmM9YXcuZHMmgAoByAsBogwIKgYKBKy6sQLYEwvQFQGAFwGyFxwKGggAEhRwdWItMjM1NzA2MjQ1NzAxOTY5NRgA&sigh=6petQCNbw5o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_9sJe2D0ZRH0ZeEA62u4ij6ayDdMn-vMlJXEdH6hz5Phkta15NvC9Qps-bXBvAYiIG-9Vg8FhM0VAYYGxhf4Wj_F9_Ap6xVDlHBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210227052649807288462%22,%22debug_reporting%22:true,%22destination%22:%22https://dreamplacehotels.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22900027911%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222967309007213186433%22}&andc=true

Request Chain 71

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 72

https://um.simpli.fi/gp_match?google_gid=CAESEJk88VHh4daHVU1WAJ6yHII&google_cver=1&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR2x1uXvBs9Gdx_bY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=249AAD9E894B4D90B440B891CA8878DA&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR2x1uXvBs9Gdx_bY4

Request Chain 73

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIDvB9_qNVZNHp2bjQxHkYw&google_cver=1&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLovr11Sqsn6H7LbIxlE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjA1MTkzNzMwMTM2MjgyOQ%3D%3D&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLovr11Sqsn6H7LbIxlE

Request Chain 74

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEQLbbw0jsnelcicnUr0b-E&google_cver=1&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u416nSrVHvc-6Uh4w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KrWVlS0JSKEwhgWXq5hv6Q&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u416nSrVHvc-6Uh4w

Request Chain 75

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFw9z-v2Y8N5C-v93HuuqDY&google_cver=1&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcMRXZbnQl8IefJZIHoBlg4DQ4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFw9z-v2Y8N5C-v93HuuqDY&google_cver=1&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcMRXZbnQl8IefJZIHoBlg4DQ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNTE4MTUzOTAxOTgxMjkxNw&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcMRXZbnQl8IefJZIHoBlg4DQ4

Request Chain 76

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEsBjhUYO2s-N3anZfPVXm0&google_cver=1&google_push=AXcoOmQ4VgM-eRU7bZ8ZbJ4VcFoe1OefZ2vqWDL5GpNVGLYVci2-md2sdMifkYSsFPlmr2Q3St7MQOehjDnxAp98EDx_6Ql1LoK3-5PO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ4VgM-eRU7bZ8ZbJ4VcFoe1OefZ2vqWDL5GpNVGLYVci2-md2sdMifkYSsFPlmr2Q3St7MQOehjDnxAp98EDx_6Ql1LoK3-5PO HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 87

https://googleads.g.doubleclick.net/pagead/adview?ai=CkgpYbF2rZb6eD8TcjuwPyLWtqALu3PuSdajXyKfyEavn1_PGARABIOSf9gZgu4aAgNAKoAHB5-KcA8gBCakCthQAVQFQtT6oAwHIA8sEqgTLAU_QwzJMwQ4Q1OqWl7RbNuFSSvZUBOSWXQ1ZkVUgIwuscFBeE9ORlVeD1U9QLYoeDkp17hBEU8wa17I8zhlDyZUF6YrAeKboNSuDzueawo-eifPo4-8sOcyXO9lwsitJLo3O9RzHZKtF0qICDQSQNdfaLEmXrxpkxWKCMzlT2Z_TTgHgC17YLjenCQGXTUy67O1BYjgICfnWnilWBnktXnaN0u6ls2S2-9i_nSmJlEjGpj60UrhF_34DlVnQhDl8rRO5RS54uC21j_YSwASJqMmg0gSIBaK4trlKkgUECAQYAZIFBAgFGASgBi6AB6eYnWOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCqpQXSCCEIgOGAEBABGB8yAqoCOgSAQIBASL39wTpYtOqTkqHrgwOaCZkBaHR0cHM6Ly93d3cudGVzLmNvbS9pbnN0aXR1dGUvY291cnNlcy9zdHJhaWdodC10ZWFjaGluZz91dG1fY2FtcGFpZ249RFM5MDgzMi1zMnRfdWsmdXRtX3NvdXJjZT1nb29nbGUtZGlzcGxheSZ1dG1fbWVkaXVtPXBwYyZ1dG1fdGVybT1pbnRlcmVzdHNfYXBwbHktbm93gAoByAsBogwIKgYKBKy6sQK4E-QD2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTIzNTcwNjI0NTcwMTk2OTUYAA&sigh=Bza-BnGF2B4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_RNIt23PvT6635h82HobZxjfKp8FCefifCPc7lrkAx_CZAniFKg2hBxH1R_iWd7gmO6WlQtSyxRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210950517334732638558%22,%22debug_reporting%22:true,%22destination%22:%22https://tes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22865645505%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217646446829515220369%22}&andc=true

Request Chain 95

https://gcdn.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5ACFB610DEEC83C52B295EC5615FF571FBECAC07.3B295C3821390459F9B82CF7115732EA631C8758/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55A64A307E2260C90BE0A70F2E88B4599019A16D.752854BF46DF05469C39C5FFE4EDA7C03FEEC33A/key/cms1/cms_redirect/yes/mh/wG/mip/2a00:2381:5374:1a::68/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1705728916/mv/u/mvi/1/pl/64/file/file.mp4

113 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.manyo.xyz/ 25 KB
8 KB 362ms
55ms Document
text/html 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: e371bd5dee97502c487f21e8d9145d62bbb7873a0ad3e739307a8026e9639ea5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=500, public, proxy-revalidate
content-encoding: gzip
content-type: text/html
date: Sat, 20 Jan 2024 05:43:06 GMT
expires: Sat, 20 Jan 2024 05:51:26 GMT
last-modified: Fri, 19 Jan 2024 21:07:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 mainstyle.css
www.manyo.xyz/ 4 KB
2 KB 83ms
82ms Stylesheet
text/css 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.manyo.xyz/mainstyle.css
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 21dc8fe701e6d2a511ec281fa10b95ca81e2cfd08e7cbdfaaf3ddd5ce95f7b8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
content-encoding: gzip
last-modified: Sat, 15 Jul 2023 02:00:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public, proxy-revalidate
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 mainscript.js Show response
www.manyo.xyz/ 3 KB
1 KB 69ms
69ms Script
application/javascript 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.manyo.xyz/mainscript.js
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 8a67995c070b508e252de4dc9b1aca6d3560c634b0d64eb9aa266bdedcb74fd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
content-encoding: gzip
last-modified: Sat, 15 Jul 2023 02:00:27 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 257ms
85ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2357062457019695

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e23c6989542292d10fb125aa5712e08c90e61903696279bddb1039ece6fe7929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Origin: https://www.manyo.xyz
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51391
x-xss-protection: 0
server: cafe
etag: 6334573829806706444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 05:43:07 GMT

GET
H2 200 1705698478357s.jpg
manyo.xyz/thumb/ 8 KB
8 KB 73ms
72ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1705698478357s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 966a552ed5acd7725ac9b4a77bb2ce832e276355170eabf67c489debf7da4b73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Fri, 19 Jan 2024 21:07:58 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 7779
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1705316626332s.jpg
manyo.xyz/thumb/ 11 KB
11 KB 82ms
81ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1705316626332s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: eb860c99cffc085c2b7b2c33317596c84b768737f40e5a019b35fdfb0ebc24cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Mon, 15 Jan 2024 11:03:46 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 10878
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1702909778963s.jpg
manyo.xyz/thumb/ 8 KB
9 KB 41ms
41ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1702909778963s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: bec242f58549ca134f9939752d3258b42e3a568df2972000d87fd5114fb7cf68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Mon, 18 Dec 2023 14:29:39 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 8500
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1703221102712s.jpg
manyo.xyz/thumb/ 3 KB
4 KB 61ms
61ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1703221102712s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: b0328c013ab646923fe68e41d3b03d96771a475185a37c3d11357b5fb9bea977

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Fri, 22 Dec 2023 04:58:22 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3428
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1703341688446s.jpg
manyo.xyz/thumb/ 4 KB
4 KB 56ms
54ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1703341688446s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 73685c5ebba363b21d815afb9eeb7e75d7307cf889248912fbb30200cf75ab0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Sat, 23 Dec 2023 14:28:08 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4367
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1703098978088s.jpg
manyo.xyz/thumb/ 8 KB
9 KB 49ms
48ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1703098978088s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 8b7a6e96a68076d33a50dac9075eba1b78baa33f4e29e43874212503d74aa3f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Wed, 20 Dec 2023 19:02:58 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 8598
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1703063378081s.jpg
manyo.xyz/thumb/ 8 KB
8 KB 58ms
57ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1703063378081s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: e707ff6f678d2d76d1a6dd457e6a24278eb0aff9a9616123a1e3b55e5dc3de99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Wed, 20 Dec 2023 09:09:38 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 8339
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1690580747682s.jpg
manyo.xyz/thumb/ 10 KB
10 KB 65ms
64ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1690580747682s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 5f343ca4c9ac17032f116f9bbee9201c09dd81cdb2e4f06ceccf0fb3c23b229e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Fri, 28 Jul 2023 21:45:47 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 9814
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1690789101513s.jpg
manyo.xyz/thumb/ 2 KB
2 KB 40ms
40ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1690789101513s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: 84a5d157a0e02a2698c2f6bce91aad9a60da7e7f2bec626610d1bfb255f03eff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Mon, 31 Jul 2023 07:38:21 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 2129
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1695603193365s.jpg
manyo.xyz/thumb/ 1018 B
1 KB 40ms
40ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1695603193365s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: a4511cff8c243355d6d0debdae9c3769988cb32397b0334892a60aacacd1bfeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Mon, 25 Sep 2023 00:53:13 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 1018
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1702712589841s.jpg
manyo.xyz/thumb/ 973 B
1 KB 55ms
54ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1702712589841s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: e27fbbb6bb3e7ce6765a9552c068ee6ad78a9130b7137a228063bef9d0bf68bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Sat, 16 Dec 2023 07:43:09 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 973
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 1700708904764s.jpg
manyo.xyz/thumb/ 8 KB
9 KB 50ms
49ms Image
image/jpeg 185.2.168.34
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manyo.xyz/thumb/1700708904764s.jpg
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.2.168.34 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv85.ifastnet.com
Software: nginx /
Resource Hash: cb7377e02bfcc29390eb9d1c8b1f95e5037b10b09b42224ffc2119d81196d46b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:06 GMT
last-modified: Thu, 23 Nov 2023 03:08:24 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 8597
expires: Mon, 19 Feb 2024 05:43:06 GMT

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 159ms
39ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.manyo.xyz
URL: https://www.manyo.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1568
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
server: cloudflare
etag: W/"63c04130-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m2lNz2nMeX6ktZYO9IIpx7U%2BeZYQYXIAmrtZiSQ8XypeZbo6GM8JWObQIE3dzcErYuIlKDnoMyNBVKPPeXhLqC7c%2Faci68ouOqmHY8ztClaxsEe45pUyMCaKFIxl9Oe441ps4TE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8484ff7d6a0163d9-LHR
expires: Sun, 21 Jan 2024 05:16:59 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
206 B 332ms
215ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=whcza3olju&t=M%E5%B3%B6%20%E8%89%BE%E5%85%8B%E6%96%AF%E6%89%98%E7%89%B9&c=d&x=https%3A%2F%2Fwww.manyo.xyz%2F&y=&a=0&v=27&r=9171
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f264cfb1ca5e83fc20facc8011a41276c7577346c5e09b7e4a44517d24a58e91

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8484ff7e7ef406c9-LHR
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
137 KB 234ms
108ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2357062457019695&plah=www.manyo.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2357062457019695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

369b149661f72b26c1f48521997270db3ad35f97f9e17fdba2545a18f3337319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139630
x-xss-protection: 0
server: cafe
etag: 12372621679362312223
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:43:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 7CAD 9 KB
4 KB 185ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2357062457019695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 19089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 213ms
107ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=832595718744664&num=0&dvc=0&eid=95320239%2C44759876%2C44759927

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 228A 114 KB
33 KB 466ms
465ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&adk=1812271804&adf=3025194257&lmt=1705698478&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.manyo.xyz%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729387273&bpp=6&bdt=387&idt=396&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8076524891342&frm=20&pv=2&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=414

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2357062457019695&plah=www.manyo.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

413ac05fa89601830be7d37ff3e8efc612251a10fb645d12ebaf59dacc7b7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:43:08 GMT
expires: Sat, 20 Jan 2024 05:43:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C590 136 KB
44 KB 440ms
439ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x280&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729387279&bpp=2&bdt=394&idt=415&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=418

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cac03c886acb678f1d43fceb3bf889363e4a21526f160de7bfcff2ec0e7511e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44349
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:43:08 GMT
expires: Sat, 20 Jan 2024 05:43:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C590 14 KB
2 KB 186ms
59ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x280&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729387279&bpp=2&bdt=394&idt=415&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 05:09:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C590 2 KB
875 B 221ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C590 23 KB
9 KB 205ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C590 3 KB
1 KB 212ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:00:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C590 20 KB
9 KB 203ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C590 206 KB
66 KB 216ms
58ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H2 200 0c5a714edd9118dc9a192723ed81c7a6.js Show response
www.gstatic.com/mysidia/ Frame C590 37 KB
16 KB 196ms
49ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0c5a714edd9118dc9a192723ed81c7a6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15431
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 21:52:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/994289656924010794/ Frame C590 56 KB
56 KB 216ms
66ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/994289656924010794/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff82684ee691608c191ce4366cc71c9bbd19622c9349b06c8b8482a1c942d08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 09:19:07 GMT
date: Wed, 17 Jan 2024 09:19:07 GMT
x-content-type-options: nosniff
age: 246241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57177
x-xss-protection: 0
last-modified: Thu, 11 May 2023 15:09:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame C590 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C590 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 162 KB
55 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8df3dcf4da9481e93400c1f1398aec8c3ba6caa3b718c95da58fd46d0ac8db64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56379
x-xss-protection: 0
server: cafe
etag: 6773752892285483321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2967121980698225&num=0&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2967121980698225&num=1&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2967121980698225&num=2&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2967121980698225&num=3&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2967121980698225&num=4&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1585468932260606&num=0&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1585468932260606&num=1&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
86ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1585468932260606&num=2&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
85ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1585468932260606&num=3&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=442949598145797&num=0&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=442949598145797&num=1&dvc=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A087 123 KB
43 KB 457ms
457ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=90&adk=1427325708&adf=1800184808&pi=t.aa~a.1301131232~rp.4&w=1200&fwrn=1&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x90&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729388204&bpp=1&bdt=1318&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8661f793a482cb15f09d9b7b52da7f96016b316c5df0168c980e60578c8e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:43:08 GMT
expires: Sat, 20 Jan 2024 05:43:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-2357062457019695&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240116_093501&sat=1705641861423&afm=0&as_count=0&d_count=0&ng_count=0&am_count=4&atf_count=1&mdns=0&alldns=0.167&allp=13&fd=(0%2C8%2C5)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5564&abl=false&rr=n&su=www.manyo.xyz&pvc=2725422462936583&r=0.1&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame AD88 9 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 17966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:43:42 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C590 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0ece8f39a3fc5acfd12aed979a5f6b360617bf76c20e76fca91fb0db7f11234

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame AD88 23 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AD88 8 KB
823 B 45ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 04:53:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame AD88 15 KB
3 KB 331ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame AD88 378 KB
132 KB 332ms
50ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 15:10:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame AD88 20 KB
8 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C590 33 KB
34 KB 384ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 351713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C590
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3hka12rZfyALZSujuwP3bGsqASUy_mxdcSkqZaREWQQASDkn_YGYLuGgIDQCqABh6yVrQPIAQmpAp2Ka-hlSLI-qAMByAPLBKoE0AFP0P7-WmW3PLFxuANeHxAxJ446QZHHp49F7EH7acQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210227052649807288462%22,%22debug_reporting%22:true,%22destination%22:%22https://dreamplacehotels.com%22,%22event_report_wi...

0
0

203ms
67ms

Fetch
text/css

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210227052649807288462%22,%22debug_reporting%22:true,%22destination%22:%22https://dreamplacehotels.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22900027911%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222967309007213186433%22}&andc=true

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10227052649807288462","debug_reporting":true,"destination":"https://dreamplacehotels.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["900027911"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"2967309007213186433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 05:43:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10227052649807288462","debug_reporting":true,"destination":"https://dreamplacehotels.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["900027911"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"2967309007213186433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame B206 51 KB
19 KB 203ms
202ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:13:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A087 4 KB
728 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=90&adk=1427325708&adf=1800184808&pi=t.aa~a.1301131232~rp.4&w=1200&fwrn=1&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x90&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729388204&bpp=1&bdt=1318&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 04:55:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A087 2 KB
856 B 52ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame A087 23 KB
9 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A087 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:00:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A087 20 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A087 0
0 232ms
75ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA-keSjDFspSsrI4JFjV2fe7Ig8F4t4xgfNHxZLZ-eBw4Q4y9f3N0xWh7s3d8ZnDHeTKnsTmi3PxOptSZiHhGt9pVD3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=90&adk=1427325708&adf=1800184808&pi=t.aa~a.1301131232~rp.4&w=1200&fwrn=1&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x90&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729388204&bpp=1&bdt=1318&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A087 206 KB
65 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 05:43:08 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame A087 37 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 18:57:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D871 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 20 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/12508787971560569605/ Frame A087 21 KB
21 KB 82ms
82ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12508787971560569605/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7446cdc26e276ef6dc1e7defcb56e1edd7e567dbc74d49a9818369e349d8f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21073
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 16:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 05:43:08 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8629444601608502691/ Frame A087 5 KB
5 KB 73ms
72ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8629444601608502691/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590710e18f9a57c84917076f41589087dab691aef95599a96385ee2d246c1115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5241
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:36:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Jan 2025 05:43:08 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 230ms
83ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 05:43:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A087 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c5dbed8fa4c0b28c9e07d54223e70413615b04676151fe121fcc035db7b8ce

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D871 0
104 B 293ms
87ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPJHdvtfJSrV0w4d1bXd8Ng&google_cver=1&google_push=AXcoOmTNBsMUQW0qY5tUtRK_FNSRtcOWRNkWuKFbgOzd_NV6oS1hCbgBN2KRgz6DSAKlnlrd51bEurfjQe0QmQpkbZ2NgyAvW-6xMmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2357062457019695&output=html&h=90&adk=1427325708&adf=1800184808&pi=t.aa~a.1301131232~rp.4&w=1200&fwrn=1&fwrnh=100&lmt=1705698478&rafmt=1&to=qs&pwprc=8176986988&format=1200x90&url=https%3A%2F%2Fwww.manyo.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705729388204&bpp=1&bdt=1318&idt=1&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8076524891342&frm=20&pv=1&ga_vid=2003017055.1705729388&ga_sid=1705729388&ga_hid=118400775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320889%2C95321627%2C95321861%2C95322163&oid=2&pvsid=2725422462936583&tmod=1875449419&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D871
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhj...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtV...

43 B
437 B

191ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8484ff89fb35768c-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 258
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMP0PoKKeQx88SyWScX6A-4&google_cver=1&google_push=AXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRMz28q79izXAmknM6aD7Gdk9x5fTnfg-9XyNFpQPC_swIYmu431n9D1yNoFnXZGUOaVjSsa3lAUWr7gCyBNLcmCgEWbtVhjMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8484ff88bab8768c-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D871
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJk88VHh4daHVU1WAJ6yHII&google_cver=1&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR2x1uXvBs9Gdx_bY4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=249AAD9E894B4D90B440B891CA8878DA&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR...

170 B
232 B

84ms
83ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=249AAD9E894B4D90B440B891CA8878DA&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR2x1uXvBs9Gdx_bY4

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:43:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=249AAD9E894B4D90B440B891CA8878DA&google_push=AXcoOmTCtHZVsh5vof9u2JoCJ9HaEHGg2H4yEghxpRw13cSHW8jkRh7UPmu3RZcjyJHHa77hOp1rlyaOGwhjmPR2x1uXvBs9Gdx_bY4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 19 Jan 2024 05:43:08 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D871
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIDvB9_qNVZNHp2bjQxHkYw&google_cver=1&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLo...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjA1MTkzNzMwMTM2MjgyOQ%3D%3D&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLovr11...

170 B
232 B

82ms
79ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjA1MTkzNzMwMTM2MjgyOQ%3D%3D&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLovr11Sqsn6H7LbIxlE

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjA1MTkzNzMwMTM2MjgyOQ%3D%3D&google_push=AXcoOmQ6JriwLt3_NAI9o_RbaZjIB2n-aAf24LcZD5d8CxwmwMb_WfdX9fhZPtwbWtjwc0-8rrUGoR2xDtsFLovr11Sqsn6H7LbIxlE
Date: Sat, 20 Jan 2024 05:43:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D871
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEQLbbw0jsnelcicnUr0b-E&google_cver=1&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u4...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KrWVlS0JSKEwhgWXq5hv6Q&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u416nSrVHvc-6Uh4w

170 B
329 B

64ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KrWVlS0JSKEwhgWXq5hv6Q&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u416nSrVHvc-6Uh4w

Requested by

Host: www.manyo.xyz
URL: https://www.manyo.xyz/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:43:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KrWVlS0JSKEwhgWXq5hv6Q&google_push=AXcoOmS4EOXuZvTiI8dJsprm8kJzm37NLR1mByD_m7ZNvKWagyFKMXM5jwuWwiD81AUwaVKIMbv7FPgVQKx5N4u416nSrVHvc-6Uh4w
x-host: tde-deliveryengine-production-5db7bf8975-rmzj4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D871
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFw9z-v2Y8N5C-v93HuuqDY&google_cver=1&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFw9z-v2Y8N5C-v93HuuqDY&google_cver=1&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1P...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNTE4MTUzOTAxOTgxMjkxNw&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJ...

170 B
232 B

46ms
46ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNTE4MTUzOTAxOTgxMjkxNw&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcMRXZbnQl8IefJZIHoBlg4DQ4

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNTE4MTUzOTAxOTgxMjkxNw&google_push=AXcoOmS3ja_Xw7Q5QkAmZvSCI9b_uWChkLHZUXW5UV0H3oMXF26nhHo8uxJ1QoApfTF9LaHoJ1PpKJcMRXZbnQl8IefJZIHoBlg4DQ4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame D871
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEsBjhUYO2s-...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ4VgM-eRU7bZ8ZbJ4VcFoe1OefZ2vqWDL5GpNVGLYVci2-md2sdMifkYSsFPlmr2Q3St7MQOehjDnxAp98EDx_6Ql1LoK3-5PO
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

83ms
83ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 20 Jan 2024 05:43:09 GMT
pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D871 0
139 B 200ms
60ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jon_cpxwPe7i-s4f622WifsV-xYUXyuGzMHjt0gEyBIb-oU0HPSdcyShQc4vHJtnBiClH69w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A087 15 KB
16 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 47027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A087 15 KB
15 KB 57ms
57ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:46:50 GMT
x-content-type-options: nosniff
age: 273378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:46:50 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
234 B 1834ms
700ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrln8jrk&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AD88 15 KB
16 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 47027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AD88 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:46:50 GMT
x-content-type-options: nosniff
age: 273378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:46:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD88 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C2JMCa12rZceNLMSkjuwPy8eIiAmwxL6zddOuirqrEmQQASDkn_YGYLuGgIDQCqAB2vrPwynIAQWpArYUAFUBULU-qAMByAObBKoE-AFP0EWkUsuKbNBLg7dVBA2WV45rC2kcGfFUtGXxAVBNVtwqILR7nQVIU5iIkkaxgWEiwNo41rxta-I8gJeli-difyvoykw8MjM_-q8SidYJ0PlqDWuy_2goIISdj-_4Nt1V9mYZNnIzQOiEm3-F3x3lW-zitoHwI7A3iIMXogTjerBsnoqBBHUyjS0r7Skkfr5EwYhOvd0YsPhpRUbp1CJH-HoVcrPYmEoqsp041LykDjoHsGdcypQhIC4x8GI4hvnWEmogZsjge3ujKxwccOtsKTuwwyu_zZ-3JkUnOFsPfgVFvq-ae2gnGZScqxFUmNdTctnt_mBaqcAEw6b49OAE4AQDiAX7rtuATpAGAaAGToAH2rKgowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WM3T85Gh64MDgAoBmAsByAsBgAwBqg0CR0KwE6m8sBbYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1705729388842&ai=C2JMCa12rZceNLMSkjuwPy8eIiAmwxL6zddOuirqrEmQQASDkn_YGYLuGgIDQCqAB2vrPwynIAQWpArYUAFUBULU-qAMByAObBKoE-AFP0EWkUsuKbNBLg7dVBA2WV45rC2kcGfFUtGXxAVBNVtwqILR7nQVIU5iIkkaxgWEiwNo41rxta-I8gJeli-difyvoykw8MjM_-q8SidYJ0PlqDWuy_2goIISdj-_4Nt1V9mYZNnIzQOiEm3-F3x3lW-zitoHwI7A3iIMXogTjerBsnoqBBHUyjS0r7Skkfr5EwYhOvd0YsPhpRUbp1CJH-HoVcrPYmEoqsp041LykDjoHsGdcypQhIC4x8GI4hvnWEmogZsjge3ujKxwccOtsKTuwwyu_zZ-3JkUnOFsPfgVFvq-ae2gnGZScqxFUmNdTctnt_mBaqcAEw6b49OAE4AQDiAX7rtuATpAGAaAGToAH2rKgowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WM3T85Gh64MDgAoBmAsByAsBgAwBqg0CR0KwE6m8sBbYEw2IFALYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
54 B 1818ms
701ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrln8jsc&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.wh&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AD88 31 KB
18 KB 197ms
59ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AEk-Wjebh0Py0xEWF5OzTzjtzjdzZH7PESLfUHNvxFaLcM7g5vPVCyM03tzs4uDDHrx3uIsE1EH2sjUclGN2D0WrN7fA&cry=1&dbm_d=AKAmf-AIivv80bhsX4ue9tc_rGlLdO8XnsSAMLskeYgdCOwWnw4UeJe0ZHvMW3exdn_tUa8MvBYsVoU4ehAvA6LDCJHpwcjChTyAECN5iK9TdH89qe-3CQU1FNZ-n-EwqJd2xg-wqo0jSGgusW9_NT2LQhgDa5Qelk6Qp8QrIlDE7X5avVwW_92kOYTVTOoT_BYRXW6A1vFdscc00LnlSNyZWBa_6ijSxw_PssnY_A4ue-_NXhZrhYzhKQlkyQ8f2LGCS-Q86XzlpUALQnVw5-l6KucQMbPY5ZgqOf2svvXk0EWveJ4lwaCnZ9Xstu0R4FTi0F1OhWfXl5zVAK34xSSE5NRXc_NXxdggrFADasilwvRy8BsuqDP5Ifso6uk6snNfcCi18HGSIElIS-9GIPdwtSZOy9VhP-t3yjpS1JQweatgVz3gKE1Bt7d4PRoN86TTYe0uOnNR4Gw9AUIk9T-3npFWEByi_aLyx8rEhLvfsRMXvT8WnDBwLxXrYxJpub77p-XwEk3qzxAFCvyiX1sBkulO3q49kxulXTv9Bxz2pT_PKmFAcJtrhgg7lzFGP_35k2gI0X7SIoJ_8BHpRJ6BhJiTPx2MX7-Q0C058ErWz5bRfxuyqSQWYL1Bz5zz7D_l79wSLNS0bzlHcag5rDXRxHe-yMIyApN7OAXlKn-Kmys8OnSJaNTZ-qllGJtPS6UVg3oikKTdzU5unHqZRj6DTZIg04sKgYc-bBVK2EwN3EaI9Y9JRcGXyOe5klAOLSj8uff_kKqgzZtC3C04gD9l8QQCw8gYrtfUo2LJyMO8EAMGsBM4rqVWsi_fTuftQ9WTaBF53Sg2CPYmjIlE4LEESrm1h0BlaFqFA945YnLYhARLaJp_mNAE-FUVZ7FAS6g3GwZ6DFTTlu8Ey3Q3-fKKvEZC_3xJNRHHj51GhuN18tAH0yz_ETdFm146mIhNn5oZZLIkYGzZDwNhYTy66piLdQgogWzUfdQ9iyhV-DkipLepEQtTv1uqr0Vy_m0oAYTNTDmarjHRRiI_GkOsjeOtFAwOUHZmTR48MXVCEkT8o2uim8VpkDCUmgAvcc-i48nZe-hoOminF9p57CjGsMIYNAyoJBRgzAehVb3ARVdikThhPqzTDRpA8IU7YZo--W3X7OjoO7iVQWKhJg2N12Bxon5Wi0s1DdXs9-pZ9r38oyx9KuIpglzmkJzQ9rMCf_3wKJC5_Um9kXGjiy_TonI5lDgxpKUatR5TD3-SsOr2wnqOaON7pwhsE3fmtJnL3pS7VKnUtZIkp2Nfe88OupzOgipo93AphrIbpN_2woRGG8t6fVJZ5liyRjODlxQgxYTjRWwyOsrSNF_IN5MoRpRl7hH2XdpCeIdH3sjhfxtENt6a47FA7RgIPrTSSJV60gn-cweXcN4vM9elP9mXeIIpMuYHz9KEQydvDoP__enzOBTZd4bCOcbCT4ML30fvzbkG59W0xIYfGpi8veI2vud1sJMs7VAX0ajVRbqexnRqN0AhxYYHQSgbrOAyBs2XK4gqQQ7AoMti22iXLRtX1WDHYv6aCnC8lBg4A48HWw1lXzy3l1DdIdAUsxbRz-XPTTYKw1I0qCiqzb1iGZamXAmuqt7Ckd7NaGPsDOD639cHPrQSipF9-87IeDJPIwhsX2cmsPKEqYtudd2jVciIfkpLDVtSXln9c6ApfsG5mDyFideJfPxyl0_bn8Av3N4ywAui0yKFureL5xygIDnS8Hif3_JMtJeH9vRPn-T_HW4F-5z7CQbzUQTdgIoAtzF9rKTEPUWf-K-X-hFqDdWaXKyRBxdFNHm2a0fWhevMdxHfiRaRyOpmCUCMcciYcMnz3UR6_VeP_gxukJcNKpyR36hHk6pXlo9u6gWxR7hmjWdBYh0qzm5-1yQTWVnR3gEcNVrroULajU9x7zM_k0qrVw4EdtIUi93653N9f1acyTzHbTEF5cPCTQSMK7KB8XJ0t-zodT7brJoZFg-mP9DtsMfq4erJilcTkxpliaPXNMHt1ahhqdfNCUka9A04rHlok5g42e3eiRXHRwgLdAU2FwOhPhr0LAa4pnfp910Lbiv4uuxDq-wJ9RJZTXYKS2JcUe5Vh7RZdh8OsuZJoGaToW6O6gaVdc7domoMfcuSMaYgYp5pLOJimZU2pgO3P_UqN5tDNYh4epXF480cvXZ8otb5OY4Wrrkp3-lhve_4LWKrai2AbAZ_vd2jq-L_0z3Ci6aT5L2ygNJWOts04YAefhxj06ZIjWHpG0s1wVdKogVuM4zJNFQe-0rOD59UeqI4xy27qrPo8gLuz8hjDlyK8LleuDHV3VX5t10axusWqULtC5pQ_JSjF_jAWx2Ok5H0-3SGFDig3OeeyBRqvcCkXVbjE4wtgJVBkRmDjSnRgdpyine-bQPAH8SxwEGdB4fcTW8pBe-oML1-ZLjCoI7LvO_IpKhb_tGXRzYN-slmFEiiFPpplzPCbezDHqA1WfzF0_81W6VOuZIr7FZN6s3MCm2hm78y1cRiDxQy2li2rRB9YjPpvtZExYBWJoe79gfUdh83P3D6dcH2V8e8iSWxGarJjCIZnHTHOFnKaMlMeujot8ngDmr5fZqAXspKAtUyz6jJ7-ffah9dVAJ19kODtpYOnhlW0QaVZmKvdeosx4Xpsw96E_G-V8AYPPThTFKE89zztAHBAgLRX8IqBQofwFfmvCJkz2hkxkNk1YqO8gU5LFtakYU3lSe4aNxrPMUIMPdmj2ce_FaFBZihh89Os5D3x_Of5n-vWRSrpLwKvmCjS5ZknviufuCzzMJGkE4XnJa6y2f7_sDR5SeVAYdHr7bCeQX76VBxnBMaD2HwTqlc19NQ7ojR4nkdCHjSE_0gpTUk4RuYm_cqVwhilb1VzmhEmQJ7B7NoW37kBfD2ARoP3Yl3N_mSQGsXUnWBB4fUWC1YQbY-1fU4pxMskWt4sIyRhWgvtfgvGXRSdKkWtRpa0SmeRbj7k80HKmd_3bgqKaicRQ9g6CV6v-ZEdJ-AzgfCvK6xOKV1aS_AT8XgjGg_ImcHfd70mBKnHDb8gp0e51WIxys0vriVCJTL45XqujqVwI2fKIw4IY8qc8cf7uUP2NfNmFR6ujVsbkq6__TnPPg2msbn0gEipw_kmo8GC94fxylaucrJuNihx8ecy2nNenDVby-KhbPXw33lTFZIvZESvxGaSvgjmov3w79Oh0Hk0QyjTZA6PB3JlTu-dNpWvw4vQ0mG4gQLky__uXbUxK4K2llzEsiDa3oxE5I5z9IQFl8v7xLqaFBGmHTJf4rWtDfs2xYEzJ4b6hdrO4j4mSigzYJUL0MDcd5qVuJmjfr-45eDJ-c1I0sJUH9jgEYrUecVjf--P51QY6ESoFXcoJg7gHcM3H7xJsgMDlCIwAXmdWsWOrrmVWfyVMIosvfkGdGQl2f9HPRBG7npyaZExeENs0yIqiOrPIi7hCr6ertL-J2wQoDbmJCEDwd99P3c6kszaidwzWPD-twTFkmax4bbM3V2xxuIFeOXxEPOYfZLU8D0kefp1A&cid=CAQSTwAvHhf_iItS8eXX8Ww6B99xpfKVYAZMYyoMk0Ec5tvAMGgztEBq3xHuSBqu0YDmucSpIeFwwBsoqi5JpLvnpPKKqncGXFxcUTbI1xXPIdQYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

3f3bf1e389766da78e6a813db99d0695894b0cd77b73ecffd8ccf34dbd2ad89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18076
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AD88 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 427e0740d00a60145ff1ee1318777200ddc8ed3d4b14a00b5b83ab41e32d1f2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A087
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkgpYbF2rZb6eD8TcjuwPyLWtqALu3PuSdajXyKfyEavn1_PGARABIOSf9gZgu4aAgNAKoAHB5-KcA8gBCakCthQAVQFQtT6oAwHIA8sEqgTLAU_QwzJMwQ4Q1OqWl7RbNuFSSvZUBOSWXQ1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210950517334732638558%22,%22debug_reporting%22:true,%22destination%22:%22https://tes.com%22,%22event_report_window%22:%2225...

0
0

106ms
68ms

Fetch
text/css

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210950517334732638558%22,%22debug_reporting%22:true,%22destination%22:%22https://tes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22865645505%22],%2222%22:[%22true%22],%224%22:[%2201-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217646446829515220369%22}&andc=true

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10950517334732638558","debug_reporting":true,"destination":"https://tes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["865645505"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"17646446829515220369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 05:43:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10950517334732638558","debug_reporting":true,"destination":"https://tes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["865645505"],"22":["true"],"4":["01-20"],"6":["true"]},"priority":"500","source_event_id":"17646446829515220369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B5D 51 KB
19 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:13:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD88 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiFwya12rZceNLMSkjuwPy8eIiAmwxL6zddOuirqrEmQQASDkn_YGYLuGgIDQCqAB2vrPwynIAQWpArYUAFUBULU-qAMBqgT1AU_QRaRSy4ps0EuDt1UEDZZXjmsLaRwZ8VS0ZfEBUE1W3CogtHudBUhTmIiSRrGBYSLA2jjWvG1r4jyAl6WL52J_K-jKTDwyMz_6rxKJ1gnQ-WoNa7L_aCgghJ2P7_g23VX2Zhk2cjNA6ISbf4XfHeVb7OK2gfAjsDeIgxeiBON6sGyeioEEdTKNLSvtKSR-vkTBiE693Riw-GlFRunUIkf4ehVys9iYSiqynTjUvKQOOgewZ1ySlbvVvaO28LoAWaOFynuGHfueroTJyTuSFnoMMRPJAqdjXno9oNCNdCFml4RziHiM3Qg1jBwYqSEPgrk6FqLVwATDpvj04ATgBAOIBfuu24BOkgULCCIQARgBSM2VnAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB9qyoKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ6eYjGLmLh4QC0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WM3T85Gh64MDgAoByAsBsBOpvLAWyBOloZrkA9gTDYgUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yMzU3MDYyNDU3MDE5Njk1GAA&sigh=P12SbgEKrtc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_iItS8eXX8Ww6B99xpfKVYAZMYyoMk0Ec5tvAMGgztEBq3xHuSBqu0YDmucSpIeFwwBsoqi5JpLvnpPKKqncGXFxcUTbI1xXPIdQYAQ&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
96ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d893c0554d2e909256d251ae007f443e036aeefb11eb717dffe3bc87ea7820f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12278
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
68ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 05:43:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 05:43:09 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
54 B 1601ms
702ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrln8jst&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame AD88 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:20:56 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame AD88
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

665ms
511ms

Fetch
video/mp4

2a00:1450:401f:4::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55A64A307E2260C90BE0A70F2E88B4599019A16D.752854BF46DF05469C39C5FFE4EDA7C03FEEC33A/key/cms1/cms_redirect/yes/mh/wG/mip/2a00:2381:5374:1a::68/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1705728916/mv/u/mvi/1/pl/64/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:401f:4::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 05:43:09 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4113190
Last-Modified: Wed, 04 Oct 2023 11:14:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 20 Jan 2024 05:43:09 GMT

Redirect headers

date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55A64A307E2260C90BE0A70F2E88B4599019A16D.752854BF46DF05469C39C5FFE4EDA7C03FEEC33A/key/cms1/cms_redirect/yes/mh/wG/mip/2a00:2381:5374:1a::68/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1705728916/mv/u/mvi/1/pl/64/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame AD88 453 B
588 B 45ms
43ms Image
image/png 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2357062457019695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 06:33:09 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
54 B 1591ms
701ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrln8jyv&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.12p~atrd.12t~videopreviewvisible.12w&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 85FA 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 56586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 14:00:03 GMT
expires: Sat, 18 Jan 2025 14:00:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2FB8 829 B
1 KB 49ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b63781593c2ab9ba3b4701a7ad0b3087ca6ffad96718d8513af8c1b0546a78b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ChbRsZCku9skCkur4Z58kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.manyo.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ChbRsZCku9skCkur4Z58kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:43:09 GMT
expires: Sat, 20 Jan 2024 05:43:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 85FA 39 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 22:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 22:09:39 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8505 23 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 213733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 18:20:56 GMT
expires: Thu, 16 Jan 2025 18:20:56 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FB8 0
0 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2725422462936583&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8505 50 KB
19 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:48:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 85FA 0
10 B 58ms
57ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WHyXcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8505 0
20 B 547ms
546ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BHT9ibV2rZfa9AZKpkdUP-Ka5mAEAAAAAOAHgBAI&bg=!29il2JfNAAZVxkGXdcY7ADQBe5WfOBHtq4Jp5O8fOkebzEcOyGDsj-1BXhrBFtRl2G05oYSYKvOTvKAa9B5OSbHf60PJAgAAAHBSAAAAA2gBBwoAVxqHH9nX3QahJ_xDfmQM-Ivo7KN2bAjGZVq39411bhUD_WaUvRjaVDyVeoLK01Zb7sMT6-9Unvq5mo9lAbqK2LUeIgVQPB35RBgiRfZpnHpOnN6kKjI8ipkC6iTBmzdku_9yhZNZE8k3cYURTZwmBddkAOfu1vTntGWxPNAsjyLVhMBauWoBgQnQtG_Rp4iiXnIayrq-zsVFg1_3ICNKH5B9ZuY2s2nFbMB-hR3uLEVYbqA_9vXY3_Y__t0djZS3CpjB77Vo7tpdIZhOtb_5Gs0AwZLdSfwnNUwNkPZED5LNDWKZ_sbQlfdXB3cYF9AsIdqC87B--sD_-0Mslkdrr7-fWGA9cmgQxp5muPtftaSVdrBM1h-oesOie2Q2k33Zr3MSdJHsje2RIkAysMbB3WVk38wGZCCbY0tbwWY78i7VEzzCOPOm51v4FUuDszN-0zlh5WgIz5CmXAYGbhGOlw0oZKuZQ9K4FV9GUy0ru-9CWyxBS2Pl2qi1cXbNxcLJHCNwidRjXz5go4WteV_WyTawxHW9mxRLagMa2If-L09JpznPHxO0BHzMBOKTuYZ_XmGENiqmIEq3_jdp6ZcwshQnn7lYwTqxfVCAy7aYcXj69esV34szChZjaA2LqTdwKR1x8JGx76D0vNlNYy3PsYutevv0NO4rA-q_8KylRFMBUWQ8anfAE2yB5n8mPSEelqYr3UNT9y5WT56uRjNv7AuJrBUMdGqM5Ok3RDLn5_lZ6Q_UB6wjgQzOKXJe3TZW28JbmgdiB_u2rUgFqS4XSPlSzo9auf6dJS_KoBBDv-r9OTwPJiAM2e84JfL1nl22IABMF5RO8JcpVv09FGeMJmo-D2dgMaKogkLb8sLHf0WGPkgmnjWJxnOu9DFELovwIk6mSd5CSlLwG6JpZmlHY2WIBxU_D9aNBu97_5jlAGH4oSqI8gWgHIvpF43nJdJj1ukwDbtcdIhTT4A6z6HH3zmwi9u5jGtAF17_m0KIo_9p0WldRIGJWNMpubNT5yRFwJWeIiRwvC1352nBOrlBy8oySDGTHTkJZwv6lo_jrM0xcaUqC_Utga0sK5CLJums6pAnBMQo7x3BsuekpQG5gqPDR6w6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C590 42 B
64 B 531ms
531ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNFIuezm2yBKTq0Awow_LYUZ1R4y2gqy2dVabmH7bhN_qBcr21eJ0a1rWeDBbLlxvb3PUjm9_FVKaBN_zQ0qxMA_nI9T2kmU_DvqXFuDHHS3L8L7aUV8laqmEyODoX_cKjp_BBADOh0uHvUCPbCzN7L7g5Bqs&sai=AMfl-YSr3k9ko_ZEuthseOSgBAcaJrHEtoK30qDP6JpnaMHwLmky26x7akV1oyHMZzDGdztPjJUFHI7DZ_hsBz2KndLjQ20P687mF-VQHw3vYSk1zQW2jb2QL1mUQ1nWBw9mVzn6n3ceqKd0S4kqhY5K&sig=Cg0ArKJSzEZGr4U3_d8MEAE&cid=CAQSTgAvHhf_9sJe2D0ZRH0ZeEA62u4ij6ayDdMn-vMlJXEdH6hz5Phkta15NvC9Qps-bXBvAYiIG-9Vg8FhM0VAYYGxhf4Wj_F9_Ap6xVDlHBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705729387698&rpt=790&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 190ms
190ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=2725422462936583&bg=!dHeldzjNAAa8BdJLnAU7ADQBe5WfOIdBvPcFUF7Pzr5nmcarGbLuRpkgFHa_j7dUsn4rmDYOJw4THR-qtTZAKM5iOwgFAgAAAG9SAAAAAmgBBwoAWURkTGxFqfgCuIQBezPX5Xgxg7c1SzorI44SquNqAF1AUKxWA8cTYY6I1XzHWnDnZr2kOJO9ZEDsjPm-LzGU8Uxti2XjU81G8cu2KU6a6zZ3tadhSAUNm5QEmQKmjdmkd7mMsL_cDDyynagNQpaP7aSjXgS34KOz5UTg44rUofXhdXL9ugH5gs4gnwmr0-5KHXXubGABgxUjmcIWUYqhsATMreQq7u2x-q3PC3itC0YmdXycoVumCU0Ba_cUzGRii4mMpsrFkPb1RcL_6-WbkbRh2KdDJp2CHpu9GflcVYFJ20rSh1xE_vO0sgHAyjLQkZDjOm0pkdMMYFgEWUtbBbgD7GvTV-gEzKO73nykQOflih7gGxM97jYGHQRHRAsNWRn3gF7noNTPSyZufHkdA7XST3q0pWatgtwzShshEVr9QRcC_s1bD3mPMaOi29WNdkj8RY4HSfBL9fdy_pW4J9uZRRwzlgGoUGqGgYoUw41laxAhrubWtHUvBuoJnwNJXIFJb7vJR9DwPYmlbtWStTkpAD8ayfgLTsVS8VSaEMhWkxM9XratuVBse3MvbxI2fCLzlwYWX4OXz1Lgm8jA9jMLdzG_6GvPnb_Q0AGOrMivrCdgfToYSDSKDb7SKWAKexzuT3plkZ73uQgZ5DOb1oTHQRn84tWte1nsb7PyknawOl7WTC9t_Tj6YZLsKYuKtrqdETbaxMthoKWLzuP6-mJei7ewIb3sCBRvkSSBoPM8994wTv1TTSYomkEoqQ828QNi2WRpCrMR9nLf5HpQ9TjNhIUPtNe0WuEeUTKuz3IDVNlkIV9eNBMyhxdSKqbTYn9cxoifEI8OaR6WvDfAjufM_Q1KNtI1J-ROQX-cvQu1sqJtqwbveen8FcYoRZQ1-z7PMYQHKBTvP6UauY1Qgw8_AYHFf68DwBuC_FUo9RCWiDH1xUqWP0-vor_Y3VOvU8MeMxdCkrkwr-Rm4BgYx6q9NVwKmfMaMv5De2-lGqVmCxofSrDvVYQTZixKHyluc0CI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.manyo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 206 file.mp4
r1---sn-aigzrn7z.c.2mdn.net/videoplayback/id/0d5f6c2ff4329044/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840866156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame AD88 4 MB
4 MB 700ms
611ms Media
video/mp4 2a00:1450:401f:4::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:4::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eddbbbcb686a5514459f8a90e32b000be3e876db373ac00f837c36eefc9586c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 20 Jan 2024 05:43:10 GMT
date: Sat, 20 Jan 2024 05:43:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4113189/4113190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4113190
last-modified: Wed, 04 Oct 2023 11:14:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
54 B 646ms
645ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrln8jz3&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&ple=0&umsem=0&event_name=first_play&asset_bytes=200746&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItqjDkqHrgwMVklSkBB14Uw4TEAAYACCT_dhjQhMIh-_zkaHrgwMVRJKDBx3LIwKR;dc_eps=AHas8cBDpVeGxToMZBEQuGjoJwq29BbbjaqqaMwefwl8eIJYnjGTgwJDEgFBPs8sz1vc1S_1rKgD0LW5nA;met=1;acvw=sv%3D960%26v%3D202401...
ade.googlesyndication.com/ddm/activity/ Frame AD88 42 B
401 B 255ms
96ms Image
image/gif 142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItqjDkqHrgwMVklSkBB14Uw4TEAAYACCT_dhjQhMIh-_zkaHrgwMVRJKDBx3LIwKR;dc_eps=AHas8cBDpVeGxToMZBEQuGjoJwq29BbbjaqqaMwefwl8eIJYnjGTgwJDEgFBPs8sz1vc1S_1rKgD0LW5nA;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D58903856%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705729390921;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AD88 42 B
64 B 91ms
88ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2JMCa12rZceNLMSkjuwPy8eIiAmwxL6zddOuirqrEmQQASDkn_YGYLuGgIDQCqAB2vrPwynIAQWpArYUAFUBULU-qAMByAObBKoE-AFP0EWkUsuKbNBLg7dVBA2WV45rC2kcGfFUtGXxAVBNVtwqILR7nQVIU5iIkkaxgWEiwNo41rxta-I8gJeli-difyvoykw8MjM_-q8SidYJ0PlqDWuy_2goIISdj-_4Nt1V9mYZNnIzQOiEm3-F3x3lW-zitoHwI7A3iIMXogTjerBsnoqBBHUyjS0r7Skkfr5EwYhOvd0YsPhpRUbp1CJH-HoVcrPYmEoqsp041LykDjoHsGdcypQhIC4x8GI4hvnWEmogZsjge3ujKxwccOtsKTuwwyu_zZ-3JkUnOFsPfgVFvq-ae2gnGZScqxFUmNdTctnt_mBaqcAEw6b49OAE4AQDiAX7rtuATpAGAaAGToAH2rKgowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WM3T85Gh64MDgAoBmAsByAsBgAwBqg0CR0KwE6m8sBbYEw2IFALYFAHQFQH4FgGAFwE&sigh=If4_FaJku4U&label=part2viewed&ad_mt=5&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D58903856%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705729390921

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AD88 0
557 B 507ms
337ms Image
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkOmOy52swJw7c9xCtz55WuYOqaD4bKJY8jp9Q_ObO5bBY6bK99alKo7Ll-CeC3CjMprdXhsKASm9Lk2hMNT-U8iULbe39-5bjaeEiqjN38SJjDKqT_Dv4MDRa8EakSZBWiqvdlUbIVnxuopBsFobJ9Hv93j-jvcQ6_EXJwYu8AvH2VLqZ-oc24y5kJ0V5ME2rxgYDN-j_SLB1cBfHGeBFgpVbWogHyl1UWuGEBWivNpwwre5chjlibluuE3DmeRv604an0LMbaDu_zUokyz3nFYWu4tcZwwLfLf6zAKiAg3Yx_F5CjP1NUMgtNFM_RoRrRuRwHQOuKbDYhnPdcGWtY6G6CZYaSwMT5BMpOOsef-fOIWw4QCzHxTfrca2ObmUQQ8GDWvvUScGXehXCyCOIbt_tlEo014_JqBu4wuWkS8QEZ0Ro-FoIUKsZZ-19Rl0BErBO92RjVUOrMKhOGTYJgtlUwSojvzCQKBqYaKJm4DxH4Xedbk_REH6alW8_jfKQrxsMSfz3cENafauX2vu5BQbuLpgjpAj1z1FFTIpZVzarl_4DBWDMVOdFp4q5r-i7yXj11fc5MZ9ATvYPZcDD7UvhSq8N03ZYouXSo3xWhOt1VB7T9_iH4kdMDyK0dTmtc50BDkyKU61kAwnX-WXEerqWnMWPcffbD64_DLsPfzIXs29HCdbdEbdqg0Cqb_hIw0ER5Gm73tPMXjtI61kw7KznC1CTHAFuU_cJ98yYsPf8qyfwn8K90qbyrI2bvpeSGnpCB2lY4BK42yxrl2CzxR2FSibOT0It33SfrWx9t4wpmgg3zY486yK0tRDZpi2jiXLPk7Jcq4kL4lKQREkDX9a_ZbHYrMZSpOHPk8iDF-xdwlp-8PNT17XRK1IXJFCTB6YSkGvn0SX2rrglvyy5IpXMeSxDpDzHqmTU92-GFpAfR86OprfYxjI3_C16-AG6eqZKVDEKaGBJ6D6sDH8tETTBI7k06IY3Afeol1czx3_Wal-kOOWTlBjOKHHFJiRZD9yiUC7yVDnhxok8B8JMcGCNdTohV62x2safcmbKnLyiAGS19ZIWYLWcVEtjhEpYK9GW2ct2JIef4Djegf0ldRSthak8MTdb1pQjoLUGVucqMqwzmE0_NFWcAN4J5Bp0HJu5zqZgktPCAgSoloEXPKGCPwxD_qej9iv6CbQc8YFAf-04Oljv4XL9yGEYBqAPPP3xNvONdWHw4YxdYftKxDi1U9GNaSiU_RBYjrS1ht3gcAki5yCGGy1k&sai=AMfl-YTsH0KVylYgjcZBOTRrk-cJtAhLgFYc0tY70rp2hRc5XDNFstShQhPMc1076GsJBAwcQQFSqDD9MPE8LXIxd1Gyu9PS3e77shy_q01unyJw3I6R03pIj1m6C-dCZjCtd4sjCyLvuPZcWrnCSozUUCDsYFpTwAEPeCZ_36WOAp95FbJ4dRVlHuaindxeYRRn7mFOT89rqX-6hwnIe9a3oOj8mJUKScWykeqr9xLiZyU4xP9L1qlQLvuJwXnKIfZ_AX-z9FbuvyL0C8Ywv_Ya9BuroSFA1sWhISoQE6natiDnkbHelGD0SM-S5DgJDAm7U6x7&sig=Cg0ArKJSzJftewx1IP6QEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 05:43:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame AD88 0
16 B 92ms
89ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_Qg6IEELD97s4EGLmLh4QCIAEwAQ&v=APEucNW3JbdsNXkCdZC4WzPLoa1KcZKFCIiGjh4TfGkI90HsBrSnXBBrCr13FOCiRUXbZTOpZrRIV0oA5dE_7drmf1tj866cqw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:43:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD88 0
20 B 150ms
148ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AD88 42 B
64 B 150ms
149ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucfcXZ6AMXLTXxbzLLxhq7FAD-QqzNpjgmCO9G8koBkaKtlEX2wcTTjRZ5E0Sf9C0n8Y1am7x3lBD3ELUEfVl49hDUaPmw_yTr5pkdYzEdMga20AcjPYLTp0i_FiHJpPXSNGEIPPbkkY66ZHBTMTL4RI9lbt0&sai=AMfl-YQXkbwx16ElmjF1ur1fdSEX4NQph5nhO04lgIMJS3jDBQwoqGgjWez0rZYM9ZvwcB-10WaM34R1IkyJZteL1udaWwVjbl9YB2Ch3J8qavYep4DFwTxP9RSJ1-24kdFzmv58sG-3HWrU9BozSgRj9A&sig=Cg0ArKJSzHwrfp-oO9b2EAE&cid=CAQSTwAvHhf_iItS8eXX8Ww6B99xpfKVYAZMYyoMk0Ec5tvAMGgztEBq3xHuSBqu0YDmucSpIeFwwBsoqi5JpLvnpPKKqncGXFxcUTbI1xXPIdQYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D58903856%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705729390921&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AD88 42 B
64 B 90ms
88ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2JMCa12rZceNLMSkjuwPy8eIiAmwxL6zddOuirqrEmQQASDkn_YGYLuGgIDQCqAB2vrPwynIAQWpArYUAFUBULU-qAMByAObBKoE-AFP0EWkUsuKbNBLg7dVBA2WV45rC2kcGfFUtGXxAVBNVtwqILR7nQVIU5iIkkaxgWEiwNo41rxta-I8gJeli-difyvoykw8MjM_-q8SidYJ0PlqDWuy_2goIISdj-_4Nt1V9mYZNnIzQOiEm3-F3x3lW-zitoHwI7A3iIMXogTjerBsnoqBBHUyjS0r7Skkfr5EwYhOvd0YsPhpRUbp1CJH-HoVcrPYmEoqsp041LykDjoHsGdcypQhIC4x8GI4hvnWEmogZsjge3ujKxwccOtsKTuwwyu_zZ-3JkUnOFsPfgVFvq-ae2gnGZScqxFUmNdTctnt_mBaqcAEw6b49OAE4AQDiAX7rtuATpAGAaAGToAH2rKgowSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0gghCIDhgBAQARgfMgKqAjoEgECAQEi9_cE6WM3T85Gh64MDgAoBmAsByAsBgAwBqg0CR0KwE6m8sBbYEw2IFALYFAHQFQH4FgGAFwE&sigh=If4_FaJku4U&label=vast_creativeview&ad_mt=5&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D58903856%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705729390921

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AD88 0
54 B 522ms
520ms Ping
image/gif 2404:6800:4015:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrln8kpf&c=7511306783001&slotId=3755653391500.5&qqid=CIfv85Gh64MDFUSSgwcdyyMCkQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1992&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vil.2hs~ff.2i4~videopreviewstarted.2i6
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:43:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.manyo.xyz/	1970-01-21 03:10:25	Name: __gads Value: ID=053d9985cae8dc62:T=1705729387:RT=1705729387:S=ALNI_MbTgGdl3J6njPJgaazSt2DMV0NvEA
.manyo.xyz/	1970-01-21 03:10:25	Name: __gpi Value: UID=00000d444428290d:T=1705729387:RT=1705729387:S=ALNI_MaiheQMsiOLm2Pd3e7m9ZHqdQe0Nw
.doubleclick.net/	1970-01-21 03:10:25	Name: IDE Value: AHWqTUlvYWrtEe_3BswHgjW8wEukCQYHyDa9wViO7JsoYWuePtZAHkRnHQLyQGIcdvw
.travelaudience.com/	1970-01-21 03:20:30	Name: _tracker Value: %7B%22UUID%22%3A%222AB59595-2D09-48A1-3086-0597AB986FE9%22%7D
.simpli.fi/	1970-01-21 02:35:51	Name: suid Value: 249AAD9E894B4D90B440B891CA8878DA
.adform.net/	1970-01-20 18:33:27	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 19:58:25	Name: UserID1 Value: 7326051937301362829
.doubleclick.net/	1970-01-20 22:08:01	Name: APC Value: AfxxVi7TLRYhUIvMAvW_8spWo31LoJ3_dC8wmHNIa5DU7fzi8hnkfQ
.adform.net/	1970-01-20 19:15:13	Name: uid Value: 4305181539019812917
.googleadservices.com/	1970-01-20 19:58:25	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 19:58:25	Name: ANON_ID Value: a3nt6ZaM0ing9PBmSTEpS8QZaGlahZaY804ZdWlxNZbPHnHJdbX468KYEivQGsByrOKZbi8mIYGWaWmZdscAAPTvYZaFmgoatRZd5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ade.googlesyndication.com
ads.travelaudience.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
manyo.xyz
pagead2.googlesyndication.com
r1---sn-aigzrn7z.c.2mdn.net
s.tribalfusion.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
waust.at
whos.amung.us
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.manyo.xyz
142.250.185.130
142.250.185.98
142.250.186.98
172.217.23.98
185.2.168.34
23.35.237.56
2404:6800:4015:801::2003
2606:4700:10::6816:4bab
2606:4700:20::681a:407
2606:4700::6812:19ad
2a00:1450:4001:800::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:401f:4::6
2a02:fa8:8806:12::1400
35.190.0.66
35.204.74.118
37.157.6.243
64.233.167.157
85.114.159.118
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21dc8fe701e6d2a511ec281fa10b95ca81e2cfd08e7cbdfaaf3ddd5ce95f7b8b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
369b149661f72b26c1f48521997270db3ad35f97f9e17fdba2545a18f3337319
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f3bf1e389766da78e6a813db99d0695894b0cd77b73ecffd8ccf34dbd2ad89c
413ac05fa89601830be7d37ff3e8efc612251a10fb645d12ebaf59dacc7b7970
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
427e0740d00a60145ff1ee1318777200ddc8ed3d4b14a00b5b83ab41e32d1f2d
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590710e18f9a57c84917076f41589087dab691aef95599a96385ee2d246c1115
5f343ca4c9ac17032f116f9bbee9201c09dd81cdb2e4f06ceccf0fb3c23b229e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
73685c5ebba363b21d815afb9eeb7e75d7307cf889248912fbb30200cf75ab0d
74c5dbed8fa4c0b28c9e07d54223e70413615b04676151fe121fcc035db7b8ce
7d893c0554d2e909256d251ae007f443e036aeefb11eb717dffe3bc87ea7820f
84a5d157a0e02a2698c2f6bce91aad9a60da7e7f2bec626610d1bfb255f03eff
8a67995c070b508e252de4dc9b1aca6d3560c634b0d64eb9aa266bdedcb74fd8
8b7a6e96a68076d33a50dac9075eba1b78baa33f4e29e43874212503d74aa3f1
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8cac03c886acb678f1d43fceb3bf889363e4a21526f160de7bfcff2ec0e7511e
8df3dcf4da9481e93400c1f1398aec8c3ba6caa3b718c95da58fd46d0ac8db64
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
966a552ed5acd7725ac9b4a77bb2ce832e276355170eabf67c489debf7da4b73
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a2da484e85debdc069e2c470a27fa29be56c6cda3ee39ef3ac041e9c1fc90e9d
a4511cff8c243355d6d0debdae9c3769988cb32397b0334892a60aacacd1bfeb
aa8661f793a482cb15f09d9b7b52da7f96016b316c5df0168c980e60578c8e1c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0328c013ab646923fe68e41d3b03d96771a475185a37c3d11357b5fb9bea977
b0ece8f39a3fc5acfd12aed979a5f6b360617bf76c20e76fca91fb0db7f11234
b63781593c2ab9ba3b4701a7ad0b3087ca6ffad96718d8513af8c1b0546a78b4
bec242f58549ca134f9939752d3258b42e3a568df2972000d87fd5114fb7cf68
cb7377e02bfcc29390eb9d1c8b1f95e5037b10b09b42224ffc2119d81196d46b
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e23c6989542292d10fb125aa5712e08c90e61903696279bddb1039ece6fe7929
e27fbbb6bb3e7ce6765a9552c068ee6ad78a9130b7137a228063bef9d0bf68bf
e371bd5dee97502c487f21e8d9145d62bbb7873a0ad3e739307a8026e9639ea5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e707ff6f678d2d76d1a6dd457e6a24278eb0aff9a9616123a1e3b55e5dc3de99
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb860c99cffc085c2b7b2c33317596c84b768737f40e5a019b35fdfb0ebc24cb
eddbbbcb686a5514459f8a90e32b000be3e876db373ac00f837c36eefc9586c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f264cfb1ca5e83fc20facc8011a41276c7577346c5e09b7e4a44517d24a58e91
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7446cdc26e276ef6dc1e7defcb56e1edd7e567dbc74d49a9818369e349d8f0b
ff82684ee691608c191ce4366cc71c9bbd19622c9349b06c8b8482a1c942d08e

www.manyo.xyz Open in urlscan Pro 185.2.168.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

92 %HTTPS

59 %IPv6

18 Domains

29 Subdomains

23 IPs

8 Countries

5158 kBTransfer

6799 kBSize

11 Cookies

28 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.manyo.xyz Open in urlscan Pro
185.2.168.34 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

92 %
HTTPS

59 %
IPv6

18
Domains

29
Subdomains

23
IPs

8
Countries

5158 kB
Transfer

6799 kB
Size

11
Cookies

113 HTTP transactions
6 data transactions