246r.5mhz.site Open in urlscan Pro
157.7.107.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://246r.5mhz.site/
Submission: On November 28 via api (November 28th 2022, 12:07:52 pm UTC) from US — Scanned from US

Summary HTTP 142 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 22 domains to perform 142 HTTP transactions. The main IP is 157.7.107.73, located in Shibuya, Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is 246r.5mhz.site.

This is the only time 246r.5mhz.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	157.7.107.73 157.7.107.73	7506 (INTERQ GM...) (INTERQ GMO Internet)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2607:f8b0:400... 2607:f8b0:4006:808::2008	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:808::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	27281 (QUANTCAST) (QUANTCAST)
1 1	2600:9000:221... 2600:9000:2211:2e00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
14	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2 2	23.197.21.62 23.197.21.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
3 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2600:1f18:445... 2600:1f18:445b:900:327:d50c:4f94:3d20	14618 (AMAZON-AES) (AMAZON-AES)
1 1	20.230.171.39 20.230.171.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	54.198.81.87 54.198.81.87	14618 (AMAZON-AES) (AMAZON-AES)
142	23

13 157.7.107.73 (Shibuya, Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-73.virt.lolipop.jp

246r.5mhz.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80b::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:824::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80a::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN27281 (QUANTCAST, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2211:2e00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.21.62 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-62.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.30 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:445b:900:327:d50c:4f94:3d20 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.230.171.39 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.81.87 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-81-87.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	575 KB
26	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com	446 KB
25	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	188 KB
13	wp.com c0.wp.com — Cisco Umbrella Rank: 7538 i0.wp.com — Cisco Umbrella Rank: 3604 stats.wp.com — Cisco Umbrella Rank: 3342 pixel.wp.com — Cisco Umbrella Rank: 2850	805 KB
13	5mhz.site 246r.5mhz.site	68 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	4 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	189 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 871	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1980	581 B
2	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 2331	685 B
2	mookie1.com 2 redirects odr.mookie1.com — Cisco Umbrella Rank: 1265	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2489	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	108 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3863	416 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 411	459 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 4347	581 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 940	700 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 956	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	693 B
142	22

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	246r.5mhz.site pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	246r.5mhz.site googleads.g.doubleclick.net
13	246r.5mhz.site	246r.5mhz.site
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 246r.5mhz.site
8	c0.wp.com	246r.5mhz.site
7	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
4	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	i0.wp.com	246r.5mhz.site
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	odr.mookie1.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagmanager.com	246r.5mhz.site www.googletagmanager.com
1	cc.adingo.jp	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	beacon.walmart.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	246r.5mhz.site
1	stats.wp.com	246r.5mhz.site
142	33

This site contains links to these domains. Also see Links.

Domain
mobile.twitter.com
www.instagram.com
youtube.com
ja.wordpress.org

Subject Issuer	Validity	Valid
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://246r.5mhz.site/
Frame ID: 7A93055C73FDA09E3D9C2E61C6D0C209
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: D865E367783ECC75C72C7D8F01228B09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&adk=1812271804&adf=3025194257&lmt=1669637265&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2F246r.5mhz.site%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1669637265377&bpp=11&bdt=645&idt=238&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=601280425811&frm=20&pv=2&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: FAE33DB3E02AAD44FB3E584A5309416F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=250&slotname=2180228792&adk=1904098548&adf=338606737&pi=t.ma~as.2180228792&w=330&fwrn=4&fwrnh=100&lmt=1669637265&rafmt=1&format=330x250&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669637265388&bpp=5&bdt=656&idt=285&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=342&ady=4488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x0pX4kndCL&p=http%3A//246r.5mhz.site&dtd=299
Frame ID: 81C5084765563E51C869B3532CBB4FB8
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 9AA02C26F2DC5C7425C8D427D9F8E6CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250&nras=2&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=igsliU95HY&p=http%3A//246r.5mhz.site&dtd=11
Frame ID: 8F89B699375B7141F76738D180842DC2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=3363353524&adf=4210465007&pi=t.aa~a.3989678080~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250%2C1200x280&nras=3&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=COPZr16iaq&p=http%3A//246r.5mhz.site&dtd=16
Frame ID: 7FABCAFF1C5A62E82FC75CD0CD2A721B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: F7858ED1FC2B25FCE6F4A6F1BEA8E200
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: C1EA836452340D315ECD20C648A8E89D
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8B%E9%96%89%E3%81%98
Frame ID: B172034135C315CD7748E67D49723069
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 807CC136CEAD42BA96B4A43E07E1850C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 60523A15592F03F0A02FA60B1A0A3EA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54071D3C55797F3D5DD72892D99FBA58
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: E089C3F63697C2EF1394051A01F41CC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F4E4E155CC635EBFC24C8039C51E9722
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: D9C6AFBE7E69D8E054EE728D7519D2BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9852910C342CF418C2F116FB73590B88
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05E58279E1531282B51300B2C9DF5E39
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

246rの趣味の世界（主に釣り？）

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

142
Requests

82 %
HTTPS

58 %
IPv6

22
Domains

33
Subdomains

23
IPs

2
Countries

2406 kB
Transfer

4884 kB
Size

33
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://mobile.twitter.com/246r5mhz
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/retynawo/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCqq_ioG8ykOrdEzSVAZeCLA
Title: youtubeチャンネル

Search URL Search Domain Scan URL

URL: https://ja.wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://d.agkn.com/pixel/2175/?google_gid=CAESEMKZ7QeuXD6l3Qfq1heo2C8&google_cver=1&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38&google_hm=Q0FFU0VNS1o3UWV1WEQ2bDNRZnExaGVvMkM4

Request Chain 114

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0gFnnU2wW9YWoQaqtiHWKowT9acsKJM4&google_gid=CAESEL4laAeMmp4MwhlqsQLiP7s&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0gFnnU2wW9YWoQaqtiHWKowT9acsKJM4&google_gid=CAESEL4laAeMmp4MwhlqsQLiP7s&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjA3NDgwMDA2MDI1OTQwMDAxMQ%3D%3D&google_push=ASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0gFnnU2wW9YWoQaqtiHWKowT9acsKJM4

Request Chain 115

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEetDwgwp4YMlPmf6LSUV3E&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxFjK1jw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxFjK1jw&google_hm=MTA1OTQ4NTg4NjYyMDY1MzE1NDE

Request Chain 116

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEKAGhM9IH2BdJFHArilbBpM&google_cver=1&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67zIYBOrrkkGahMDp4oMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67zIYBOrrkkGahMDp4oMQ&google_hm=MTA1OTQ5OTk2MDM0ODUyODk1ODE

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_cver=1&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4hY_L3nq-1makUkwlQdvmvJuPRqDC5tNUv15Rr3x3_wdIf5fUTQk6rLqx1NtkgmzG HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4hY_L3nq-1makUkwlQdvmvJuPRqDC5tNUv15Rr3x3_wdIf5fUTQk6rLqx1NtkgmzG&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4hY_L3nq-1makUkwlQdvmvJuPRqDC5tNUv15Rr3x3_wdIf5fUTQk6rLqx1NtkgmzG

Request Chain 129

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-V2lY9H-5Tx7M39njx6TCzhscRwGCMMP5ewjYHjNqlrL8WhPpcNgRUspPdc_-Rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RYDbDcHQk9BYWAVnwDyZt0&tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-V2lY9H-5Tx7M39njx6TCzhscRwGCMMP5ewjYHjNqlrL8WhPpcNgRUspPdc_-Rw

Request Chain 130

https://rtb.openx.net/sync/dds?google_gid=CAESENyDoVynizH7AxlbGKb_ZK8&google_cver=1&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENyDoVynizH7AxlbGKb_ZK8&google_cver=1&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&google_hm=O72ZrjebxC8MdBozdzOZ5Q==

Request Chain 131

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDX2WFwN7LVZUqhFL4zP_B0&google_cver=1&google_push=ASkJ3FbONOVeBLJgjn-hd45NT89rCN6akxHLrvSW7ckGMDEZ0p-w99n1aKz-TFY7m3XK27ccRLhcCmZEtqZsST2cAz2vkSYwOZE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDX2WFwN7LVZUqhFL4zP_B0&google_cver=1&google_push=ASkJ3FbONOVeBLJgjn-hd45NT89rCN6akxHLrvSW7ckGMDEZ0p-w99n1aKz-TFY7m3XK27ccRLhcCmZEtqZsST2cAz2vkSYwOZE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97dYpfqDRouS5XemA-F6vA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbONOVeBLJgjn-hd45NT89rCN6akxHLrvSW7ckGMDEZ0p-w99n1aKz-TFY7m3XK27ccRLhcCmZEtqZsST2cAz2vkSYwOZE

Request Chain 132

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKU5ESdhmpfEvpgUFrdAW0E&google_cver=1&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lOefEEERTgZiI1fJHBvYYUzcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUVg1SFUtMTUtSTdYNw==&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lOefEEERTgZiI1fJHBvYYUzcw

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_cver=1&google_push=ASkJ3FZuwNN0Y7qIbXMBgAL5a28Qd7_w0LrCZ83DJ7uarbzajrBdJ-CK-lmmauEK-UvheEq1sLU1uzgXZlXetf0VpUm_p8aozp4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FZuwNN0Y7qIbXMBgAL5a28Qd7_w0LrCZ83DJ7uarbzajrBdJ-CK-lmmauEK-UvheEq1sLU1uzgXZlXetf0VpUm_p8aozp4

Request Chain 134

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBMpYsB3JXwKVM3MdTsvmf0&google_cver=1&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms_sbM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms_sbM&google_hm=kZrYtAWaQTCQ2SxUS7p1ag

Request Chain 135

https://cc.adingo.jp/adx/push/?google_gid=CAESEDr8msPTgE1FGdk6_qU78yA&google_cver=1&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g&google_hm=4d1ce9305cf4aa080afed9488f106690

142 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
246r.5mhz.site/ 115 KB
30 KB 1933ms
1336ms Document
text/html 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache / PHP/7.4.33
Resource Hash: 2af84ac5b3f3da7c5da97468a470ccab874d50cbf9bb4b89dfd2ac6491789964

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 30515
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Nov 2022 12:07:44 GMT
Link: <http://246r.5mhz.site/wp-json/>; rel="https://api.w.org/", <http://246r.5mhz.site/wp-json/wp/v2/pages/25>; rel="alternate"; type="application/json", <http://246r.5mhz.site/>; rel=shortlink
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
X-Powered-By: PHP/7.4.33

GET
H2 200 style.min.css
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/ 93 KB
12 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 11 KB
2 KB 31ms
9ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/ 4 KB
1 KB 31ms
10ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 classic-themes.min.css
c0.wp.com/c/6.1.1/wp-includes/css/ 217 B
280 B 34ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 217
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H/1.1 200
OK style.css
246r.5mhz.site/wp-content/themes/twentyseventeen/ 82 KB
16 KB 184ms
181ms Stylesheet
text/css 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/style.css?ver=20221101
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 121e44e5cd8e8a76924297474378f77b2c14261d26b705fc7bccae56b3984133

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16006

GET
H/1.1 200
OK blocks.css
246r.5mhz.site/wp-content/themes/twentyseventeen/assets/css/ 10 KB
2 KB 243ms
170ms Stylesheet
text/css 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220912
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 37fa576d4c1a5e70993a211461fabe5e8473af031573b57dcfd7874bedb39d6a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1949

GET
H/1.1 200
OK amazonjs-force.css
246r.5mhz.site/wp-content/plugins/amazonjs/css/ 3 KB
994 B 342ms
173ms Stylesheet
text/css 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/plugins/amazonjs/css/amazonjs-force.css?ver=0.10
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: adca101fbbf2a8901b5452b9df21ed31daae2bea69221dc7331a9d9581dfcf0b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 01 Nov 2020 13:10:06 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 717

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.5.1/css/ 84 KB
15 KB 32ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.5.1/css/jetpack.css

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 88 KB
30 KB 33ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ 11 KB
4 KB 33ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:44 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 131ms
35ms Script
application/javascript 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105730599-2

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8cb51130e3b6811c3661f3d359acfa498c0b1554a565bd3bfc6fb39b5574789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 12:07:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 141ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6036055974368811

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45181642f6df106e2a237fa50c610755d00ee3ad805042efb593509c0598d1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Origin: http://246r.5mhz.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49512
x-xss-protection: 0
server: cafe
etag: 13998030581433183645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:07:45 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
246r.5mhz.site/wp-includes/js/ 18 KB
5 KB 206ms
190ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 23:10:51 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5009

GET
H2 200 cropped-246r-hed.jpg
i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/ 76 KB
77 KB 1531ms
1436ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/cropped-246r-hed.jpg?w=1932

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0a91cd0db5b608cbe95d5b05abc078614023f7a86e4b99187ebaa5782dd2a636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: MISS ewr 8
date: Mon, 28 Nov 2022 12:07:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 12:07:46 GMT
server: nginx
etag: "41a4af782f92ca77"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://246r.5mhz.site/wp-content/uploads/2020/10/cropped-246r-hed.jpg>; rel="canonical"
content-length: 78130
expires: Thu, 28 Nov 2024 00:07:46 GMT

GET
H2 200 cropped-246r-rogo.jpg
i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/ 6 KB
6 KB 794ms
700ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/cropped-246r-rogo.jpg?w=250

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d204699f2c308581a270e14759b081ed747e65f50f04bec6ac2d00e34ba3bd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: MISS ewr 8
date: Mon, 28 Nov 2022 12:07:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 12:07:45 GMT
server: nginx
etag: "4981bbbdf9d0fbcb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://246r.5mhz.site/wp-content/uploads/2020/10/cropped-246r-rogo.jpg>; rel="canonical"
content-length: 5840
expires: Thu, 28 Nov 2024 00:07:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
54 KB 93ms
77ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ee2a19a1aa7c61fa18c4e70e65f3f9d844cb99836688bf73b569ae9b2383749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54897
x-xss-protection: 0
server: cafe
etag: 4538707937251348551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:07:45 GMT

GET
H/1.1 200
OK rtoc_style.css
246r.5mhz.site/wp-content/plugins/rich-table-of-content/css/ 29 KB
4 KB 174ms
174ms Stylesheet
text/css 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/plugins/rich-table-of-content/css/rtoc_style.css?ver=6.1.1
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 5610920381c1d3e5472f5655fa046ccd1e41245ecb17463018f5859bae5ab33b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:19 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3727

GET
H/1.1 200
OK rtoc_common.js Show response
246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/ 942 B
668 B 179ms
179ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/rtoc_common.js?ver=6.1.1
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 5072185bb6070502d0349bc1590b5dd7c5b338d806790b16f45ef015d27365fe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:19 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 377

GET
H/1.1 200
OK rtoc_scroll.js Show response
246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/ 490 B
600 B 173ms
172ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/rtoc_scroll.js?ver=6.1.1
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: cdf93570bd9f6ab9886b48e0826fcba43c1613bb3ac126a39e2efc71fcbb6e23

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:19 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309

GET
H/1.1 200
OK rtoc_highlight.js Show response
246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/ 3 KB
1 KB 192ms
185ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/plugins/rich-table-of-content/js/rtoc_highlight.js?ver=6.1.1
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 94a3ea9bf0e3003e9c0ac28d56ba32400a69cf588828edd9675e30cb0aedd98e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:19 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 931

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/ 685 B
417 B 15ms
2ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:07:45 GMT

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/ 683 B
707 B 284ms
171ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 416

GET
H/1.1 200
OK navigation.js Show response
246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/ 4 KB
1 KB 320ms
179ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20210122
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1161

GET
H/1.1 200
OK global.js Show response
246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/ 8 KB
3 KB 233ms
173ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20211130
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2638

GET
H/1.1 200
OK jquery.scrollTo.js Show response
246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/ 6 KB
3 KB 204ms
172ms Script
application/javascript 157.7.107.73
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://246r.5mhz.site/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.3
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 157.7.107.73 Shibuya, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-73.virt.lolipop.jp
Software: Apache /
Resource Hash: 74b88e3c74597c256390ff0cf19b7bc9c5427ca2b0651959c164b29253965871

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:07:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 00:22:44 GMT
Server: Apache
Vary: Range,Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2414

GET
H2 200 e-202248.js Show response
stats.wp.com/ 9 KB
3 KB 25ms
4ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202248.js
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT ewr
date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 20 Nov 2023 02:57:40 GMT

GET
H2 200 DSC_0138-scaled.jpg
i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/ 653 KB
654 KB 2084ms
2060ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/246r.5mhz.site/wp-content/uploads/2020/10/DSC_0138-scaled.jpg?resize=2000%2C1200

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a06ebe3c8f1e2ee869050a5deb1744010f88f5d40f55d3f7e5a58218a9aab4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: MISS ewr 8
date: Mon, 28 Nov 2022 12:07:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 12:07:47 GMT
server: nginx
etag: "7d286668876fd574"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://246r.5mhz.site/wp-content/uploads/2020/10/DSC_0138-scaled.jpg>; rel="canonical"
content-length: 669038
expires: Thu, 28 Nov 2024 00:07:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
4ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105730599-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1280
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 28 Nov 2022 13:46:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
65 KB 37ms
35ms Script
application/javascript 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z5SPF3VMD8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105730599-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ff56f993a73deb5b7130619bec561e3306463649fa4fd29e0fba58158bf9e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 12:07:45 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 68ms
56ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6036055974368811

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

781f95266dcfd8fa8889009f37c8ca55813776b3ffe05405b8d93bd47ee5629c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119595
x-xss-protection: 0
server: cafe
etag: 1208016596867885104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:07:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame D865 10 KB
5 KB 25ms
4ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6036055974368811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 06:51:28 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 06:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
18ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1934032035&t=pageview&_s=1&dl=http%3A%2F%2F246r.5mhz.site%2F&ul=en-us&de=UTF-8&dt=246r%E3%81%AE%E8%B6%A3%E5%91%B3%E3%81%AE%E4%B8%96%E7%95%8C%EF%BC%88%E4%B8%BB%E3%81%AB%E9%87%A3%E3%82%8A%EF%BC%9F%EF%BC%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1684811136&gjid=1228675260&cid=1983815214.1669637265&tid=UA-105730599-2&_gid=1467615302.1669637265&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=795996379

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://246r.5mhz.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://246r.5mhz.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z5SPF3VMD8&gtm=2oeb90&_p=1934032035&gdid=dZTNiMT&cid=1983815214.1669637265&ul=en-us&sr=1600x1200&_s=1&sid=1669637265&sct=1&seg=0&dl=http%3A%2F%2F246r.5mhz.site%2F&dt=246r%E3%81%AE%E8%B6%A3%E5%91%B3%E3%81%AE%E4%B8%96%E7%95%8C%EF%BC%88%E4%B8%BB%E3%81%AB%E9%87%A3%E3%82%8A%EF%BC%9F%EF%BC%89&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z5SPF3VMD8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://246r.5mhz.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 17ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&blog=185280020&post=25&tz=9&srv=246r.5mhz.site&j=1%3A11.5.1&host=246r.5mhz.site&ref=&fcp=2514&rand=0.8707070241873565
Requested by: Host: 246r.5mhz.site
URL: http://246r.5mhz.site/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 12:07:45 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
693 B 253ms
18ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=246r.5mhz.site&callback=_gfp_s_&client=ca-pub-6036055974368811&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7768c31dec7b35b9e2cfc839359500ee91b24d489ebef9be70a86cc34bf4e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 245ms
19ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=246r.5mhz.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
62ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2F246r.5mhz.site%2F&tn=IMG&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAE3 307 KB
70 KB 997ms
980ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&adk=1812271804&adf=3025194257&lmt=1669637265&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2F246r.5mhz.site%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1669637265377&bpp=11&bdt=645&idt=238&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=601280425811&frm=20&pv=2&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c533cb6230f1beb02ee886b2061fb5bd6723cf2c16c2f5a9c4987f04c36dce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 71856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:07:46 GMT
expires: Mon, 28 Nov 2022 12:07:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81C5 105 KB
33 KB 753ms
738ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=250&slotname=2180228792&adk=1904098548&adf=338606737&pi=t.ma~as.2180228792&w=330&fwrn=4&fwrnh=100&lmt=1669637265&rafmt=1&format=330x250&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669637265388&bpp=5&bdt=656&idt=285&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=342&ady=4488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x0pX4kndCL&p=http%3A//246r.5mhz.site&dtd=299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4ee055a22de8bb114a660d2e36827aba086e3c0e7934368c81d35664f7cce9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34117
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:07:46 GMT
expires: Mon, 28 Nov 2022 12:07:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 81C5 2 KB
1 KB 44ms
27ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=250&slotname=2180228792&adk=1904098548&adf=338606737&pi=t.ma~as.2180228792&w=330&fwrn=4&fwrnh=100&lmt=1669637265&rafmt=1&format=330x250&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669637265388&bpp=5&bdt=656&idt=285&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=342&ady=4488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x0pX4kndCL&p=http%3A//246r.5mhz.site&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 81C5 2 KB
846 B 34ms
6ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:19:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 81C5 23 KB
10 KB 30ms
3ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 18:59:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 81C5 3 KB
1 KB 26ms
6ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 81C5 18 KB
7 KB 31ms
5ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81C5 154 KB
48 KB 75ms
39ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:07:46 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 81C5 34 KB
14 KB 47ms
17ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 16:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 16:08:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81C5 0
0 75ms
75ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYY1ykaSEY-jHNrj4xtYP3IqgkAXrnePTbfS1j5mSEK2EtZ7HNhABIIHY105gycapi8Ck2A-gAbup-vUDyAEJqAMByAPLBKoE5gFP0GymStGTTJl61b6aIJxFsdtmHEoOHKlKcHG8kQ5OXiK_bdKmpy8c8rQsS4pmpvVeubRB0FOcoWZgG7n4eet2eJKi0iPvWhTRu8eM3NXAw4uCrDroTkoIUTedKCaPUXCcAWnRdy79vz_qAwpuqRD4ieNd44hinabPqZdXfP7OGcsvfvP28E1uhIqfMlkmOtusTxRhaDqBIU3grCH-n71DGpZGEaY3UqjXmvJOJUEPNqF_1KNB7V8qEUjBWT9hfzhG9X0ZHDi5Grd1B3yG7SLRyvSXu7JLr_cbazNf4p7-WP7Ga3OQpsAEn-6_kZsEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-fFhjGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQx8si0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTYwMzYwNTU5NzQzNjg4MTEYAA&sigh=VBO2hjNvKQM&uach_m=[UACH]&cid=CAQSGwDq26N9GrmplYqe8jnOLPg8qqUmkL1yWX80bxgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=250&slotname=2180228792&adk=1904098548&adf=338606737&pi=t.ma~as.2180228792&w=330&fwrn=4&fwrnh=100&lmt=1669637265&rafmt=1&format=330x250&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669637265388&bpp=5&bdt=656&idt=285&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=342&ady=4488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x0pX4kndCL&p=http%3A//246r.5mhz.site&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:07:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Nov 2022 12:07:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 81C5 13 KB
14 KB 41ms
11ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTzr8UzGNvS654XXdfIw8oW2CnOoDb-SnlwBgXK6Rb-dqZ3cL0tqSNgZZIgug&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05859285e54fa6bd4da879248c84a13c4eb317faaf65c22af180324d10c30143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 14:25:57 GMT
x-content-type-options: nosniff
age: 423709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13461
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 16:39:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 14:25:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 81C5 16 KB
16 KB 37ms
12ms Image
image/jpeg 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQiX_we9IXMpd2jM7pGvcE_Eit-aJvrndYB1K4QVF7SdQ5-zhToxsrsWt_RUA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9849457018dfaf28e3ceb6a612d6f93389149fe188af6645a9ce0f5da393791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:21:12 GMT
x-content-type-options: nosniff
age: 441994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16462
x-xss-protection: 0
last-modified: Thu, 26 May 2022 23:26:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 09:21:12 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 81C5 16 KB
17 KB 39ms
15ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSoNXsIGtanZa-zZHUp-gGAbZM5qNAqqNPKmyU608D4N6_WKx-czhDhDnQuSA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e87c22bbd5709ec160cdbd9a13b0fb7e93b8ec9d07fd547765a8638391b8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:23:13 GMT
x-content-type-options: nosniff
age: 427473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16313
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 04:00:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 13:23:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 81C5 894 B
1 KB 35ms
11ms Image
image/png 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRieZx67pZ-iMP1ojwfK9weg3P3uZO2cfnuT0zRVkdwsDOY-nw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed668dc53e7130a7e54e18c6ad5752d81da9d29b46fc18606ea92307c383013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:50:30 GMT
x-content-type-options: nosniff
age: 317836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 894
x-xss-protection: 0
last-modified: Fri, 17 Jun 2016 12:22:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 19:50:30 GMT

GET
DATA 200
OK truncated
/ Frame 81C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08a1c8d29dd5d4da9a89c6f7ea6a2a444875d006873ea33b2e4fb5e6e4538a1b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 81C5 20 KB
21 KB 36ms
6ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:38:24 GMT
x-content-type-options: nosniff
age: 70162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 16:38:24 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AA0 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740048e89766bca1d388ecc2321d719de520b2be882f1f220b852ab92383bade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52273
x-xss-protection: 0
server: cafe
etag: 17432313960266035512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:07:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
19ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=246r.5mhz.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F89 100 KB
34 KB 1097ms
1096ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250&nras=2&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=igsliU95HY&p=http%3A//246r.5mhz.site&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17614df6c750aa8498821c06fd9e1f21d52807b1aa47ee506a21ed90108ebace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34792
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:07:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FAB 101 KB
35 KB 633ms
631ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=3363353524&adf=4210465007&pi=t.aa~a.3989678080~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250%2C1200x280&nras=3&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=COPZr16iaq&p=http%3A//246r.5mhz.site&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e154a8632a90cdc086cc19acf55293f536cba62e9e32543ea11fd0273fe99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 35664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:07:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=246r.5mhz.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame F785 10 KB
4 KB 4ms
4ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:35:50 GMT
etag: 10353107486223812946
expires: Sun, 11 Dec 2022 20:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame C1EA 10 KB
4 KB 5ms
5ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:35:50 GMT
etag: 10353107486223812946
expires: Sun, 11 Dec 2022 20:35:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame F785 4 KB
636 B 62ms
50ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 10:16:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F785 205 B
229 B 24ms
13ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:48:25 GMT
x-content-type-options: nosniff
age: 69562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Nov 2023 16:48:25 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F785 604 B
628 B 23ms
12ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 18:39:05 GMT
x-content-type-options: nosniff
age: 408522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Nov 2023 18:39:05 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame F785 19 KB
8 KB 38ms
17ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:30:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:30:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C1EA 8 KB
895 B 37ms
33ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:00:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C1EA 2 KB
765 B 21ms
15ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:19:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1EA 0
0 86ms
85ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdv3ckaSEY-TPNtvfxtYP0_CYsAL9v7bTbcCxo6aMEdu3pM7iNxABIIHY105gycapi8Ck2A-gAbup-vUDyAEJqAMByAPLBKoE5wFP0NvvWJVOaYZ-1PoEwQIVJd9FB8vWaxuMPkVv3kAS2wttVI9Cowv_nciQ6Asucpw3fGgiShgYpUd0OF2fxqfs-vpm-PBirAKmTML6TEJ9F8NfR32OokOGXG2DoPQIgIaUDJUg3Bde-0OKb2sJwJkbnl-f2b9RJrdV6KPHM8zqJo-2NB1W985wJPBKuVsyG9NXZlHG12av6UVer6b6UxcdWCEOOiMdtssB2CeL1W5FX2Z0rhQWmyhiMr6sgVIUVey_3Bx9Hs4NlKnqVHfyiAdHzAaT3Hhad7JXRdFCRicXvcISTDm_O7HABK647_iMBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfnxYYxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcFEMuMygPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNjAzNjA1NTk3NDM2ODgxMRgA&sigh=XYhzx_NNXyo&uach_m=[UACH]&cid=CAQSGwDq26N9fT9zN7m4R2uFXcJkOKjCyvq2nAovhRgBIBM&template_id=494

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:07:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C1EA 23 KB
9 KB 20ms
14ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 18:59:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C1EA 3 KB
1 KB 23ms
16ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C1EA 18 KB
7 KB 26ms
17ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1EA 154 KB
47 KB 84ms
32ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame C1EA 34 KB
14 KB 55ms
36ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 00:37:30 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C1EA 16 KB
16 KB 69ms
15ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTpNOI928x9dJkQ5cx-a00QB9EOXcC-TbJ1yzw5vcM3cupSfK4CCqkhCyszBLo&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24ebcb01a7355b1726bc96ecd2bb70c3671cc1337ea16a64d71ede861e48c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 04:27:43 GMT
x-content-type-options: nosniff
age: 373204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16608
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 09:08:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 04:27:43 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame C1EA 17 KB
17 KB 73ms
19ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT7_M7zuJfCI0VP-YE1roAUj9s_vmb0TZ7U1xQebC3GXnQN8cJe44P6BmdQycY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a333f329ac42f2149d5424d5d60369e84af24cb5b27153c27ecd1c968243519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:50:15 GMT
x-content-type-options: nosniff
age: 346652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17597
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 02:27:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 11:50:15 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C1EA 16 KB
16 KB 68ms
15ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT11nwVgHrvoJiuVIjqtXokpUpshpvROgjf4aFJZw-coVDBLcOGjGkpwSBhSw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba1068498dd6aa0dc5f6d798d3659328ebbe837de441204f49a26040cf5c101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 20:38:05 GMT
x-content-type-options: nosniff
age: 487782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16160
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 07:02:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 22 Nov 2023 20:38:05 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame C1EA 27 KB
27 KB 71ms
17ms Image
image/jpeg 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRTi5FlFzm-Ogj-D98a3P4kY96mbvSG5GOhIQ_f-RcuqBnCQt9bzh-z6LkLtVQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

055acd64f4442b4455e57e0414b04f2ab5a47dd055546444aac5c8881224e9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 15:24:38 GMT
x-content-type-options: nosniff
age: 420189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28096
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:25:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 15:24:38 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame C1EA 15 KB
15 KB 63ms
11ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQbx3Bl9_VxNpHU72fqKcMzGNwn3_A8UwwZ0-pht7I74ZDX7w2e_R0hIKjNww&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dd707549f74f6260d97d87387d21f0b64f7c3f4835395b58cb21fb1521e67a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:36:43 GMT
x-content-type-options: nosniff
age: 347464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15128
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 07:40:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 11:36:43 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C1EA 17 KB
17 KB 88ms
5ms Image
image/jpeg 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRStEBESvhYQKIGyCG7nxVAxTicFpIf-vf0kgRPIEjVCoutkMXQt-RX0oIbs38&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5cab29ad842e0218f549499a28670f865e87e31a81dccbeb9baf460c20b43e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:18:50 GMT
x-content-type-options: nosniff
age: 254937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17053
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 06:43:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Nov 2023 13:18:50 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C1EA 16 KB
16 KB 91ms
8ms Image
image/jpeg 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQCCL_jfYogj2P_yo9jXrqKFkSJ0yxLaaGb4jENGk_CjbQMq9CvDC6FCtHZjFw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a98497a7eda7c1411ccc49250208a7cb52972631bbc110589a425b369318470b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:38:52 GMT
x-content-type-options: nosniff
age: 455335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16266
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:02:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 05:38:52 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C1EA 1 KB
1 KB 90ms
7ms Image
image/png 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQknBuC4CQh9zew60cwNVQw_WDm6DkK5iq7_A2cEtwyIBo9p-hq&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258149ef4839e6780c8efa1d8b69a5223fc72797a53af0c47107b99fc6345d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 23:02:38 GMT
x-content-type-options: nosniff
age: 392709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1351
x-xss-protection: 0
last-modified: Wed, 15 Jun 2016 18:40:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 23:02:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B172 466 B
307 B 23ms
19ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8B%E9%96%89%E3%81%98

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85caa4d3cc6269b39ec71fb6518ff888452553ecd35ea7377d1a3e22a5d2d54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 12:07:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B172 2 KB
765 B 7ms
7ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:19:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B172 23 KB
9 KB 8ms
3ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 18:59:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B172 3 KB
1 KB 9ms
4ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B172 18 KB
7 KB 10ms
5ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B172 154 KB
47 KB 55ms
51ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame B172 34 KB
14 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 00:37:30 GMT

GET
DATA 200
OK truncated
/ Frame C1EA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b03043d89e80a8dd0aa7fe80e5aa14eff5e16503d1c299081b586e2ec4c6a8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 807C 36 KB
16 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6052 36 KB
16 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7FAB 8 KB
895 B 23ms
22ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=3363353524&adf=4210465007&pi=t.aa~a.3989678080~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250%2C1200x280&nras=3&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=COPZr16iaq&p=http%3A//246r.5mhz.site&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7FAB 2 KB
765 B 6ms
4ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:19:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7FAB 23 KB
9 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 18:59:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7FAB 3 KB
1 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7FAB 18 KB
7 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FAB 154 KB
47 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:07:47 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 7FAB 34 KB
14 KB 9ms
8ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 00:37:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FAB 0
0 74ms
73ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZYHhk6SEY4WXAeX8xtYPutebkAu069H2bPGW_9yCEabxhuOgAhABIIHY105gycapi8Ck2A-gAa2mh_woyAEJqAMByAPLBKoE9wFP0Mf-nHRRrJbY8DPYaL3ATv11i1rDE3TOoGeLYyjekv5CNYqD6afO5nPNXKv-GgZh8ZHoHmPWUFeBf0MwYAJ_KYShihQpMKXI9VpzbLrEeI_uCi-jRXd9S27pQTcHBtDm2pgCY0_yZENMDB474Ef_-B9y2x83U89zksbx5CKxvLzjlBgZekOvmBQyS0n4Ovl2WAvUTI-Nq6uKiop3fVKqRCZBNSNCh40GfmvE2jts0zWWg_3GPKuGnlRkxxnlfl9k4mKTL1BiNUgvSDRACKJUe4XKspDQ1HIZlmJDeEyE27rwbyYm9HuX8rFOdXEIeV6gdB3PO5IcwATusZSvlASSBQQIBBgBkgUECAUYBKAGLoAHrd7X2wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCukwvSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNjAzNjA1NTk3NDM2ODgxMRgA&sigh=NBWXMlcdFLY&uach_m=[UACH]&cid=CAQSPADq26N9jMMRaXjeu5285ivSv_A8pw9gp6vc3FF3spdSrshz8Ty7QWvq3_WdIacR87r2UqfNxXWhQNJsMBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=3363353524&adf=4210465007&pi=t.aa~a.3989678080~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250%2C1200x280&nras=3&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=COPZr16iaq&p=http%3A//246r.5mhz.site&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 1808558670493273345
tpc.googlesyndication.com/simgad/ Frame 7FAB 86 KB
86 KB 8ms
5ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1808558670493273345?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5ca2440991aa868c0db07759c5da5c41a527e33725cdfcb6eb0320995ba022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:12:38 GMT
x-content-type-options: nosniff
age: 240910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87822
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 15:27:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 17:12:38 GMT

GET
DATA 200
OK truncated
/ Frame 7FAB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7FAB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5407 1 KB
643 B 6ms
5ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 19:01:24 GMT
etag: 48472445140208031
expires: Mon, 28 Nov 2022 19:01:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FAB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4baa6c82a6b61c7e4b37dbf67ac13de6150f7d3b966426182b2219a26358e0c3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7FAB 28 KB
28 KB 17ms
5ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 10:24:40 GMT
x-content-type-options: nosniff
age: 265388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 10:24:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8F89 2 KB
535 B 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250&nras=2&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=igsliU95HY&p=http%3A//246r.5mhz.site&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 10:56:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:07:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8F89 2 KB
765 B 5ms
5ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:19:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8F89 23 KB
9 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 18:59:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8F89 3 KB
1 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8F89 18 KB
7 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:01:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8F89 0
0 48ms
22ms Image
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQst_I6GcNZMmxjdc_3T1eh-SFpmC4qhNimi82U16w25Ku-5fPwBCCRF2lILoaMM62pr0hCVJy6JTFd7Vf_uqCufODCvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250&nras=2&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=igsliU95HY&p=http%3A//246r.5mhz.site&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 8F89 34 KB
14 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 00:37:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5407 35 B
464 B 38ms
11ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF1ofds9-l7lbBV4adwhR2c&google_cver=1&google_push=ASkJ3FYmqfYF0eVp1Jk-508_nxBRCpxw5Q_MLEDHZz9-OdHRjX9xyBeQL31ELTUGkVQcCyx8IZaRHaI86oBShMUK4uktfPf81ms

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMKZ7QeuXD6l3Qfq1heo2C8&google_cver=1&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38&google_hm=Q0FFU0VNS1o3UWV1WEQ2b...

170 B
188 B

25ms
23ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38&google_hm=Q0FFU0VNS1o3UWV1WEQ2bDNRZnExaGVvMkM4

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:47 GMT
via: 1.1 8aaf4e35a42b4ec66419ffe455ca4f72.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: ORD51-C4
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FbI4vh4gcJ_C_bVYcB0f-iBryXju6i3iscz6KjR_cy7oAJvbSPVRHaVwq3QqHsQE5XHaSsIv72KU39i9SpAxMrU-P7qBG38&google_hm=Q0FFU0VNS1o3UWV1WEQ2bDNRZnExaGVvMkM4
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: NyevWKEOGFmSyfYfdPE4a18G_RawuYS63taXk_JhukDotCuHOfiMkw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3Faf45zi...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3Faf45zi...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjA3NDgwMDA2MDI1OTQwMDAxMQ%3D%3D&google_push=ASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0g...

170 B
188 B

22ms
21ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjA3NDgwMDA2MDI1OTQwMDAxMQ%3D%3D&google_push=ASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0gFnnU2wW9YWoQaqtiHWKowT9acsKJM4

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjA3NDgwMDA2MDI1OTQwMDAxMQ%3D%3D&google_push=ASkJ3Faf45zi99TkEDI2sEaYJC94L6A9Ovf2ayz8noFzvfG1qQTHzj1aojBY_GHeJJMa0gFnnU2wW9YWoQaqtiHWKowT9acsKJM4
pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 28 Nov 2022 12:07:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEetDwgwp4YMlPmf6LSUV3E&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxF...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxFjK1jw&google_hm=MTA1OTQ4NTg4NjYyMD...

170 B
188 B

32ms
21ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxFjK1jw&google_hm=MTA1OTQ4NTg4NjYyMDY1MzE1NDE

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ASkJ3Fa3iQrp_yvvXDjdu82TCOh5dGxVOybCyCwTHfg6Hf2KCZgg5XU71Z77FHckGD323zVVcVrMO5L4z5qbtch3SL-kDxFjK1jw&google_hm=MTA1OTQ4NTg4NjYyMDY1MzE1NDE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEKAGhM9IH2BdJFHArilbBpM&google_cver=1&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67zIYBOrrkkGahMDp4oMQ&google_hm=MTA1OTQ5OTk2MD...

170 B
188 B

36ms
21ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67zIYBOrrkkGahMDp4oMQ&google_hm=MTA1OTQ5OTk2MDM0ODUyODk1ODE

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=ASkJ3FaD9npuYHjjnEfmR7CLL3_yUAEJXxkfTftYW-JkNU0SPtBBInsjZhvTw484ylDrozKs0yf4jrj67zIYBOrrkkGahMDp4oMQ&google_hm=MTA1OTQ5OTk2MDM0ODUyODk1ODE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5407
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4h...

170 B
188 B

24ms
23ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4hY_L3nq-1makUkwlQdvmvJuPRqDC5tNUv15Rr3x3_wdIf5fUTQk6rLqx1NtkgmzG

Requested by

Host: 246r.5mhz.site
URL: http://246r.5mhz.site/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vGoaQMfI7l4rygzw%2F7xW2Fa7aAy3IKRU%2F3BL3jNqLYbv%2F7wLQs0PKKpA6mTq%2FebemytrYwgf1lUgflw%2BsbWS3PDGTzZ3AiIKGaR5u4MwXHxVokjMO%2BHPUJWjkHJgimfndkAUU4Ia1wdqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FaQVOaQ1G5v5nSkvqCqE6ePI6DVVxY4hY_L3nq-1makUkwlQdvmvJuPRqDC5tNUv15Rr3x3_wdIf5fUTQk6rLqx1NtkgmzG
cache-control: no-cache
cf-ray: 7712fc3e4b88c3fd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5407 43 B
297 B 171ms
10ms Image
image/gif 2600:1f18:445b:900:327:d50c:4f94:3d20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBMpYsB3JXwKVM3MdTsvmf0&google_cver=1&google_push=ASkJ3Fa2qpNiRVIHljJbYCvTM-dlhPN0JvmD4gABIJ-a3Py53Ic6NzhfX44JYOQSMWkBbHupnbsOxwCwEGfYy6X4prcYsWp8hhzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=3363353524&adf=4210465007&pi=t.aa~a.3989678080~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250%2C1200x280&nras=3&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=COPZr16iaq&p=http%3A//246r.5mhz.site&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:900:327:d50c:4f94:3d20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5407 0
223 B 50ms
21ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I91g19VPe9wvouurnJ7TB7hey6-xLl3WMY0b_EAlybJWavUsYzxug5Xs3NHsIO_dCptU3S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F89 0
0 77ms
77ms Fetch
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COY3Zk6SEY61WzdrG1g-5loyICq7D9M5tsZnhxZYQ8N7AgrAwEAEggdjXTmDJxqmLwKTYD6ABjbnW5APIAQmpAttXJ-h39Kg-qAMByAPLBKoE5wFP0ExoxJti9zwSPcPrEO9N-LJ21ozRpHqzHzFI8ZXaYwTJ3uMA24fdJdPFy3blSadf2cjd_yioqIqa--rsbu1pMGi3VCOhljShuFD8QAKFt_ySETU4waKbUiWFhhD8QYcxbAayC01P_H2EMSlHExc8ob0OZiS1AX7F7BaEtmNaMYfo3rz-uCb5rt2FMp8T1egnrQJds3nrSLV9PwjuVLOFJKzCHTNndSBRzluENR1Rs-IaSibISOo77oOrNeqmIFhO663aJpf38I6Qyxv-pdI8dPpi_hx84jNYq91M4xifCZSfVnPJ01nABPvJ-ueCBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfbxqkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIixM9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAZgMhJT3uI0EwhMGGI251uQD2BMO0BUBmBYBgBcBshccChoIABIUcHViLTYwMzYwNTU5NzQzNjg4MTEYAA&sigh=9p5C5RW1Re8&uach_m=[UACH]&cid=CAQSPADq26N9xTRJnAjXiqQoArbjIIi65I9GjSXbqsa34ynup2IIkbHeYwSJV8DBwk3HGSz1GInnms_Ao6P3aBgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036055974368811&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669637266&rafmt=1&to=qs&pwprc=2987544574&format=1200x280&url=http%3A%2F%2F246r.5mhz.site%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669637266972&bpp=1&bdt=2240&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deab181eb5d4ffaf9-22e0ace583d8004b%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MbvPOlA4sVUrC81blL12ArSDxp98g&gpic=UID%3D000008bb41e897ab%3AT%3D1669637265%3ART%3D1669637265%3AS%3DALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ&prev_fmts=0x0%2C330x250&nras=2&correlator=601280425811&frm=20&pv=1&ga_vid=1983815214.1669637265&ga_sid=1669637266&ga_hid=1934032035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&psts=AMjMPc2NHrtlA4Nl7q0R5Bw1NTJ6vEP9ZCKooZws8IDurLNQ6-K34pTSm53Rus1HsRVE1OzzEA20sRF7CopuaXU&pvsid=408788681590557&tmod=1647936461&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=igsliU95HY&p=http%3A//246r.5mhz.site&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8F89 60 KB
60 KB 13ms
11ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR33vjIOAEkNe9268sHaHGMrOJxj45ygH6sUt3P38d97mM45O40&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029fd4ed15d692cce912d69b9278ba6aa29394273bbd1999bfa029bb318ec0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 02:37:16 GMT
x-content-type-options: nosniff
age: 466232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60929
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:45:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 02:37:16 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8F89 21 KB
21 KB 11ms
9ms Image
image/jpeg 2607:f8b0:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTKn-mHBVOHwW7YG2m2KiwOfbuMbu3TbG9Qq_J4TRAJaU8cLwrOQBoorCeHrQ&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f325d2f08880a9f27f36ad36ea64bb5380f181b555389a7d59f41cf1367b243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:43:02 GMT
x-content-type-options: nosniff
age: 386686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21850
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 07:54:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 00:43:02 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8F89 44 KB
44 KB 14ms
12ms Image
image/jpeg 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSlz2_tWBTlS_PLxWiXDYJbGdcihfBMf2EQYmUes5ClfYCjYBGsREVuURVmrvY&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2605a49b9c5050c58cd05b5ed83a954bb77c458dba43cebe1d3433eef288bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 02:09:06 GMT
x-content-type-options: nosniff
age: 381522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44914
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 00:02:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 24 Nov 2023 02:09:06 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8F89 8 KB
8 KB 22ms
5ms Image
image/png 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSmqNjl6XrnDb4uRgGj_eFzoOHVCWU2Pmp-SjnIz2KcD3_To9lB&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e981d4fbdc1798f537b8ca3a1f907e1b5729a68ba109077a463985781672c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:42:43 GMT
x-content-type-options: nosniff
age: 447905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7890
x-xss-protection: 0
last-modified: Wed, 26 Sep 2018 21:36:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Nov 2023 07:42:43 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame E089 36 KB
16 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F4E4 1 KB
643 B 7ms
6ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 19:01:24 GMT
etag: 48472445140208031
expires: Mon, 28 Nov 2022 19:01:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F89 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53f3fdb8d86bec9ba77afab2a767cddfd70042a6bb7527630c0f8227cc33cb11

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8F89 20 KB
20 KB 6ms
5ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:38:24 GMT
x-content-type-options: nosniff
age: 70164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 16:38:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-V2lY9H-5Tx7M39njx6TCzhscRwGCMMP5ewjYHjNqlrL8WhPpcNg...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RYDbDcHQk9BYWAVnwDyZt0&tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-...

170 B
188 B

22ms
20ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RYDbDcHQk9BYWAVnwDyZt0&tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-V2lY9H-5Tx7M39njx6TCzhscRwGCMMP5ewjYHjNqlrL8WhPpcNgRUspPdc_-Rw

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Mon, 28 Nov 2022 12:07:51 GMT
last-modified: Tue, 11 Oct 2022 18:05:06 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=RYDbDcHQk9BYWAVnwDyZt0&tap=gAds&google_gid=CAESEDDA0Z3_EGZxuV3MU8L6r5A&google_cver=1&google_push=ASkJ3FZ-WRIThHLttThFFBpybtS7AeZn4fb-V2lY9H-5Tx7M39njx6TCzhscRwGCMMP5ewjYHjNqlrL8WhPpcNgRUspPdc_-Rw
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENyDoVynizH7AxlbGKb_ZK8&google_cver=1&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0
https://rtb.openx.net/sync/dds?google_gid=CAESENyDoVynizH7AxlbGKb_ZK8&google_cver=1&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&google_hm=O72ZrjebxC8MdBozdzOZ5Q==

170 B
188 B

22ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&google_hm=O72ZrjebxC8MdBozdzOZ5Q==

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbQwB2pOCnZQe9NcnimYsUWUhJZ4V68EvBY0NbvEPsYUUPdHfX8-fGOqR6NnAAF_L_qJ_Nndf6Do-P2JK-mZSyCbbMOIy0&google_hm=O72ZrjebxC8MdBozdzOZ5Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 6i5l3dbd2ddab8fj28c39dr1kkklcg00

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97dYpfqDRouS5XemA-F6vA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
43ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97dYpfqDRouS5XemA-F6vA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbONOVeBLJgjn-hd45NT89rCN6akxHLrvSW7ckGMDEZ0p-w99n1aKz-TFY7m3XK27ccRLhcCmZEtqZsST2cAz2vkSYwOZE

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97dYpfqDRouS5XemA-F6vA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbONOVeBLJgjn-hd45NT89rCN6akxHLrvSW7ckGMDEZ0p-w99n1aKz-TFY7m3XK27ccRLhcCmZEtqZsST2cAz2vkSYwOZE
date: Mon, 28 Nov 2022 12:07:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKU5ESdhmpfEvpgUFrdAW0E&google_cver=1&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUVg1SFUtMTUtSTdYNw==&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lOefEEERTgZiI1fJHBvYYUzcw

170 B
188 B

23ms
22ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUVg1SFUtMTUtSTdYNw==&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lOefEEERTgZiI1fJHBvYYUzcw

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUVg1SFUtMTUtSTdYNw==&google_push=ASkJ3FamPKc9z3LLyGrpYClvGZifkoUS0x9Ii0dNcNdKWhhNOSITrpTrJWh2iK1SQWzUZeED9lOefEEERTgZiI1fJHBvYYUzcw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c52bde874ac36e8646ae455e9e84952e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FZuwNN0Y7qIbXMBgAL5a28Qd7_w0LrCZ...

170 B
188 B

30ms
29ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FZuwNN0Y7qIbXMBgAL5a28Qd7_w0LrCZ83DJ7uarbzajrBdJ-CK-lmmauEK-UvheEq1sLU1uzgXZlXetf0VpUm_p8aozp4

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRM6h1xalo8mz5cXni%2FbTVSr%2FYiiaSZ0xuRguncTEJAR6vOuTTJxqenz4yjMicqlx4paFMKWAI%2BoG3waiETudoxn%2BEIlj98uneZPQj7N4Jln9PyWPaiUVc%2Be6TcU9PZuydZuelNH9nq5YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGHHZyUjENwqt9GAs7HkDQ&google_hm=Y4SklFXdLpk8fUUoHlEZwAAAAIEAAAAB&google_nid=index&google_push=ASkJ3FZuwNN0Y7qIbXMBgAL5a28Qd7_w0LrCZ83DJ7uarbzajrBdJ-CK-lmmauEK-UvheEq1sLU1uzgXZlXetf0VpUm_p8aozp4
cache-control: no-cache
cf-ray: 7712fc3f5da0c3fd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBMpYsB3JXwKVM3MdTsvmf0&google_cver=1&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms_sbM&google_hm=kZrYtAWaQTCQ2SxUS...

170 B
188 B

32ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms_sbM&google_hm=kZrYtAWaQTCQ2SxUS7p1ag

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3Fav5ZKXZdwBzenFAfYjSy__CftVyYfDa7Iyr98AMZhouBw5UkbeX9LsyjdOzpYiRGoN5Z7A9CVeRd96GULheNaQ9Ms_sbM&google_hm=kZrYtAWaQTCQ2SxUS7p1ag
pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
cache-control: no-cache
content-length: 0
request-time: 6
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4E4
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEDr8msPTgE1FGdk6_qU78yA&google_cver=1&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g&google_hm=4d1ce9305cf4aa080afed...

170 B
188 B

22ms
21ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g&google_hm=4d1ce9305cf4aa080afed9488f106690

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FbpwXAyBIPUSfnU44pyNBiR2N8AUh49tKWb1tr4-S-Cz7VKCNiyDGXqn-R1eEmoT3XHQBLim-JmBWY--7kO6_fWhFpA0g&google_hm=4d1ce9305cf4aa080afed9488f106690
date: Mon, 28 Nov 2022 12:07:48 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F4E4 0
12 B 20ms
18ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDt4pjljKcZX_r0k3b-lMy-YkWanW6FglU750cl3s-nnK0HOGzeJ0P_h6nBaLpgC00XEXd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
34ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1910e75d4bb4f98115ac3c15e8971d1886ff6825bfd0c33c66f32c70cb84023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11253
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame D9C6 36 KB
16 KB 12ms
12ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:07:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1EA 42 B
64 B 64ms
64ms Fetch
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwnZ7-va7y9IXOBvW4ZJ07DBZwOe4V3NQijWA-LRxwwOuSO81YYztbZQSUuUXSMGRUO030METhtrK20bqukYeIdBZQAjrE50aVaulls53cwoAmC8sCCUWGEnpgwkKkQv5u8nI&sai=AMfl-YSAJc9z-bhOxvybstooaEFSTHCKaNccKT608SHR6XcjiGMtiXdi553Syrhdy_2ikl_YE8k9lMF6n7YlNeM&sig=Cg0ArKJSzO7NMXpCpRAREAE&cid=CAQSGwDq26N9fT9zN7m4R2uFXcJkOKjCyvq2nAovhRgBIBM&id=lidar2&mcvt=1066&p=0,0,124,1005&mtos=136,821,1066,1147,1147&tos=136,685,245,81,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669637267064&rpt=308&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:07:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9852 13 KB
5 KB 12ms
4ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 06:52:57 GMT
expires: Tue, 28 Nov 2023 06:52:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05E5 783 B
535 B 42ms
24ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

476621fee8a2747f6ff299811c95c3bed3bdba50385219ccd8093e2d20d9f8f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zpnDKKxrpZ96pre2AZYpXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://246r.5mhz.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zpnDKKxrpZ96pre2AZYpXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:07:48 GMT
expires: Mon, 28 Nov 2022 12:07:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9852 36 KB
16 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 06:36:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05E5 0
0 76ms
62ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=408788681590557&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9852 0
10 B 8ms
7ms Image
text/plain 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lxaNxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:07:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
66ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=408788681590557&bg=!7O-l76vNAAbvMpMzzzI7ACkAdvg8WptEbXn0EuvrogG1DPwiaYdkF2X8RL_eHn5GlNYECLLZZ9G92wIAAAClUgAAAAtoAQcKAKlgNfHY-mou4KAF8sAyYzgsM7T2eMmJ3wRjY43ghAspjdjgGlDvK1bRwkdWIdA29iBd6Fcp1EbpeDAI3LmQ8dT12grQH0EjLOf5kTVDyhE1FUcfYufdISd_SniQCiV6LYvVhkWvDnG2nzv2YjUORdwXsyRBThZMgbrsd5TjOwcgNhZOWU2lpETBAgFsBWIhxhu_13kIiISjzLtNum-xPJlYQGimXH4-zIqImQKSgG8-UXkUuUPcadhzK2cV-GtvImft_gcX-5zdsqXX60RDDOSM4k5bBaWUjKryaDiNpxHoEArDmByFGh-_zQalmKfh5pOVJRbp9vDPuxhauf3Cx5s2ugxTHCFu0DgwUP659PCxRRMxG6BifEX9bAjVAQi80qC5rE_Zz-Q4yzm3Kf8lyXJmR3vFs_Yh4erzH67yNL8DjBXsoluOa0ziTOF6E-u6lZmSWEszNRVK_3zD-DdETNA0sY_Vwj6wmjNv1ZmGJ5fUR-MWIFTqo69y7EJvIA0lGVgDpmwTnw_GkrxdECLXDrw7_vjg-eC4F9qDpCPmeoIabLuRUB7DLykT1qIcpx0TVoAgxR4MVYjf-OVp0v6_hOyYdRGZAutaK4BvNNDvrs9Tse3QZi5sspZ9kFr4JbMlc5NYc1VoR6bRURuW48jULe1QemidTKGwZ-8OUj2LauAdM0sojnXiJBZWF9CLmuIgcSa_vYzUvuIkZgNQv0lvYac9EvcJXazfrTc1-qyiRA-Z_EDS4rw19wc2V2jznXMaDVKf-QNUicWEwFNln0nzDiMCpOVNQh94ZKrtgTkEgJ6EediUg4iQ3cM3OvFLlBbTo-BA5VARY2wiH2SBbdV444rgmXbsMUmruBkW9v25M5k3jrMLg6DX2Vy-PnG_OY5jGzVmpEkELzXRZTsoQnpY0kbCvZxAEwjx8YQgCya6HSFRLViMpGC70tBWpYFbQHvBy8f_Jij5UG4pL1VVoYeDs8lIHl2RxzUQdO6KNTHeTCuJ0t4lswl-QnbQtoA6dKK_xD6Zd--LySwvsdcS_pLRYCaA9m-Gyww32S4QMeMw-qg0Cyugu-MY2BACON1911pQ5gmr8uGSZmF0myunMO-_7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://246r.5mhz.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.5mhz.site/	1970-01-20 07:48:43	Name: _gid Value: GA1.2.1467615302.1669637265
.5mhz.site/	1970-01-20 07:47:17	Name: _gat_gtag_UA_105730599_2 Value: 1
.5mhz.site/	1970-01-20 17:23:17	Name: _ga_Z5SPF3VMD8 Value: GS1.1.1669637265.1.0.1669637265.0.0.0
.5mhz.site/	1970-01-20 17:23:17	Name: _ga Value: GA1.1.1983815214.1669637265
.5mhz.site/	1970-01-20 17:08:53	Name: __gads Value: ID=eab181eb5d4ffaf9-22e0ace583d8004b:T=1669637265:RT=1669637265:S=ALNI_MbvPOlA4sVUrC81blL12ArSDxp98g
.5mhz.site/	1970-01-20 17:08:53	Name: __gpi Value: UID=000008bb41e897ab:T=1669637265:RT=1669637265:S=ALNI_MYsTRZrPLFIp0rm1-vxuYy32iwpGQ
.doubleclick.net/	1970-01-20 17:23:17	Name: IDE Value: AHWqTUki3yX7MCTOIyGWM1n1Aq_apW57PKtgHZpBS_aMaGxGH1k9-_XQkURTbqJzLAs
.doubleclick.net/	1970-01-20 07:47:18	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 09:56:53	Name: d Value: EGgBCQHXJ4EA
.quantserve.com/	1970-01-20 17:17:31	Name: mc Value: 6384a494-274ea-fdae7-971fb
.casalemedia.com/	1970-01-20 16:32:53	Name: CMID Value: Y4SklFXdLpk8fUUoHlEZwAAA
.casalemedia.com/	1970-01-20 09:56:53	Name: CMPS Value: 129
.casalemedia.com/	1970-01-20 09:56:53	Name: CMPRO Value: 129
.mookie1.com/	1970-01-20 17:16:05	Name: id Value: 10594858866206531541
.mookie1.com/	1970-01-20 17:16:05	Name: mdata Value: 1\|10594858866206531541\|1669637268179
.mookie1.com/	1970-01-20 17:16:05	Name: ov Value: c15ffd00f0d39ddef79241f833aa04ea
.agkn.com/	1970-01-20 16:32:53	Name: ab Value: 0001%3AmB%2FR5J13cQpQvj9ZQUstNxG6yzn4K%2FfG
.agkn.com/	1970-01-20 16:32:53	Name: u Value: C\|0CEArF2EUKxdhFAAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 09:56:53	Name: uuid Value: 919ad8b4-059a-4130-90d9-2c544bba756a-20221128 07:07:48
.e.dlx.addthis.com/	1970-01-20 17:17:31	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 09:56:53	Name: CMTS Value: 1319
.adingo.jp/	1970-01-20 08:30:29	Name: ID Value: 4d1ce9305cf4aa080afed9488f106690
.pubmatic.com/	1970-01-20 07:48:43	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-20 16:32:53	Name: i Value: 37472ccb-379a-42f6-b0d6-9e6cc00d90a2\|1669637268
.addthis.com/	1970-01-20 17:17:31	Name: na_id Value: 2022112812074800060259400011
.addthis.com/	1970-01-20 17:17:31	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:17:31	Name: uid Value: 6384a494932899f1
.addthis.com/	1970-01-20 17:17:31	Name: ouid Value: 6384a4940001e896ccb20777dd6e297a9a0f22a7869a8f32877a
.dlx.addthis.com/	1970-01-20 08:30:29	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:30:29	Name: na_sr Value: 20221128
.dlx.addthis.com/	1970-01-20 07:47:17	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:30:29	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 09:56:53	Name: KADUSERCOOKIE Value: F7B758A5-FA83-468B-92E5-77A603E17ABC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-6036055974368811&fa=1&ifi=6&uci=a!6&btvi=4&xpc=GsfEklMyxJ&p=http%3A//246r.5mhz.site Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

246r.5mhz.site
adservice.google.com
ag.innovid.com
beacon.walmart.com
c0.wp.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.40.162
157.7.107.73
172.64.154.237
192.0.76.3
192.0.77.2
192.0.77.37
20.230.171.39
23.197.21.62
2600:1f18:445b:900:327:d50c:4f94:3d20
2600:9000:2211:2e00:19:fc2c:a140:93a1
2607:f8b0:4006:808::2003
2607:f8b0:4006:808::2008
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2004
2620:116:800b:21:1456:d0e1:7db4:a56b
35.190.90.30
35.227.252.103
54.198.81.87
8.28.7.81
8.43.72.97
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
029fd4ed15d692cce912d69b9278ba6aa29394273bbd1999bfa029bb318ec0fe
055acd64f4442b4455e57e0414b04f2ab5a47dd055546444aac5c8881224e9d6
05859285e54fa6bd4da879248c84a13c4eb317faaf65c22af180324d10c30143
08a1c8d29dd5d4da9a89c6f7ea6a2a444875d006873ea33b2e4fb5e6e4538a1b
0a91cd0db5b608cbe95d5b05abc078614023f7a86e4b99187ebaa5782dd2a636
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f325d2f08880a9f27f36ad36ea64bb5380f181b555389a7d59f41cf1367b243
121e44e5cd8e8a76924297474378f77b2c14261d26b705fc7bccae56b3984133
17614df6c750aa8498821c06fd9e1f21d52807b1aa47ee506a21ed90108ebace
1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe
258149ef4839e6780c8efa1d8b69a5223fc72797a53af0c47107b99fc6345d95
2af84ac5b3f3da7c5da97468a470ccab874d50cbf9bb4b89dfd2ac6491789964
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ff56f993a73deb5b7130619bec561e3306463649fa4fd29e0fba58158bf9e17
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
36e154a8632a90cdc086cc19acf55293f536cba62e9e32543ea11fd0273fe99d
37fa576d4c1a5e70993a211461fabe5e8473af031573b57dcfd7874bedb39d6a
3a333f329ac42f2149d5424d5d60369e84af24cb5b27153c27ecd1c968243519
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45181642f6df106e2a237fa50c610755d00ee3ad805042efb593509c0598d1bd
476621fee8a2747f6ff299811c95c3bed3bdba50385219ccd8093e2d20d9f8f8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4baa6c82a6b61c7e4b37dbf67ac13de6150f7d3b966426182b2219a26358e0c3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e981d4fbdc1798f537b8ca3a1f907e1b5729a68ba109077a463985781672c10
5072185bb6070502d0349bc1590b5dd7c5b338d806790b16f45ef015d27365fe
53f3fdb8d86bec9ba77afab2a767cddfd70042a6bb7527630c0f8227cc33cb11
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5610920381c1d3e5472f5655fa046ccd1e41245ecb17463018f5859bae5ab33b
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5dd707549f74f6260d97d87387d21f0b64f7c3f4835395b58cb21fb1521e67a1
60e87c22bbd5709ec160cdbd9a13b0fb7e93b8ec9d07fd547765a8638391b8e1
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
740048e89766bca1d388ecc2321d719de520b2be882f1f220b852ab92383bade
74b88e3c74597c256390ff0cf19b7bc9c5427ca2b0651959c164b29253965871
75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488
781f95266dcfd8fa8889009f37c8ca55813776b3ffe05405b8d93bd47ee5629c
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85caa4d3cc6269b39ec71fb6518ff888452553ecd35ea7377d1a3e22a5d2d54e
8c533cb6230f1beb02ee886b2061fb5bd6723cf2c16c2f5a9c4987f04c36dce1
8ed668dc53e7130a7e54e18c6ad5752d81da9d29b46fc18606ea92307c383013
94a3ea9bf0e3003e9c0ac28d56ba32400a69cf588828edd9675e30cb0aedd98e
96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ee2a19a1aa7c61fa18c4e70e65f3f9d844cb99836688bf73b569ae9b2383749
a06ebe3c8f1e2ee869050a5deb1744010f88f5d40f55d3f7e5a58218a9aab4b8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b03043d89e80a8dd0aa7fe80e5aa14eff5e16503d1c299081b586e2ec4c6a8
a4ee055a22de8bb114a660d2e36827aba086e3c0e7934368c81d35664f7cce9c
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a98497a7eda7c1411ccc49250208a7cb52972631bbc110589a425b369318470b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adca101fbbf2a8901b5452b9df21ed31daae2bea69221dc7331a9d9581dfcf0b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7768c31dec7b35b9e2cfc839359500ee91b24d489ebef9be70a86cc34bf4e7b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c9849457018dfaf28e3ceb6a612d6f93389149fe188af6645a9ce0f5da393791
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cba1068498dd6aa0dc5f6d798d3659328ebbe837de441204f49a26040cf5c101
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd5ca2440991aa868c0db07759c5da5c41a527e33725cdfcb6eb0320995ba022
cdf93570bd9f6ab9886b48e0826fcba43c1613bb3ac126a39e2efc71fcbb6e23
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d204699f2c308581a270e14759b081ed747e65f50f04bec6ac2d00e34ba3bd71
d24ebcb01a7355b1726bc96ecd2bb70c3671cc1337ea16a64d71ede861e48c9c
d2605a49b9c5050c58cd05b5ed83a954bb77c458dba43cebe1d3433eef288bc6
d5cab29ad842e0218f549499a28670f865e87e31a81dccbeb9baf460c20b43e4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8cb51130e3b6811c3661f3d359acfa498c0b1554a565bd3bfc6fb39b5574789
e1910e75d4bb4f98115ac3c15e8971d1886ff6825bfd0c33c66f32c70cb84023
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

246r.5mhz.site Open in urlscan Pro 157.7.107.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

82 %HTTPS

58 %IPv6

22 Domains

33 Subdomains

23 IPs

2 Countries

2406 kBTransfer

4884 kBSize

33 Cookies

4 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

246r.5mhz.site Open in urlscan Pro
157.7.107.73 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

82 %
HTTPS

58 %
IPv6

22
Domains

33
Subdomains

23
IPs

2
Countries

2406 kB
Transfer

4884 kB
Size

33
Cookies

142 HTTP transactions
6 data transactions