www.hits2mali.net Open in urlscan Pro
2606:4700:3033::6815:266b Public Scan

URL:
https://www.hits2mali.net/
Submission: On March 15 via api (March 15th 2021, 4:30:51 pm UTC) from US

Summary HTTP 247 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 29 domains to perform 247 HTTP transactions. The main IP is 2606:4700:3033::6815:266b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hits2mali.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 23rd 2021. Valid for: a year.

This is the only time www.hits2mali.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:4700:303... 2606:4700:3033::6815:266b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:5e00:7:6b7b:1000:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
14	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 55	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
1 16	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	54.93.142.164 54.93.142.164	16509 (AMAZON-02) (AMAZON-02)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	84.53.189.33 84.53.189.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 5	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2 2	52.35.2.64 52.35.2.64	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 2	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
4	217.79.179.79 217.79.179.79	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	77.74.178.23 77.74.178.23	200107 (KL-EXT) (KL-EXT)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
247	40

45 2606:4700:3033::6815:266b (United States)

ASN13335 (CLOUDFLARENET, US)

www.hits2mali.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:5e00:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdki.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 89.163.211.233 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.142.164 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-142-164.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.53.189.33 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-189-33.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.48.214 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

ad13.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.35.2.64 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-2-64.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.20 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

ad3.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.148.9 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.79.179.79 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: n079.navy.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.74.178.23 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	562 KB
45	hits2mali.net www.hits2mali.net	822 KB
43	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	196 KB
16	rvty.net brain.rvty.net cdn.rvty.net	98 KB
11	ad-srv.net 1 redirects ad.ad-srv.net ad13.ad-srv.net ad3.ad-srv.net	16 KB
10	google.com 4 redirects adservice.google.com www.google.com	999 B
10	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	220 KB
7	ampproject.org cdn.ampproject.org	123 KB
7	googletagservices.com www.googletagservices.com	231 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	contentspread.net cdn.contentspread.net	9 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	2 KB
3	openx.net 3 redirects rtb.openx.net	1003 B
3	google.de adservice.google.de www.google.de	1 KB
2	awin1.com 1 redirects www.awin1.com	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	2mdn.net s0.2mdn.net	46 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	920 B
2	quantserve.com 1 redirects cms.quantserve.com	800 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	62 KB
2	truepush.com sdki.truepush.com	19 KB
1	kaspersky.com media.kaspersky.com	30 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	306 B
1	agkn.com 1 redirects d.agkn.com	665 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	googleadservices.com partner.googleadservices.com	262 B
1	googletagmanager.com www.googletagmanager.com	39 KB
247	29

	Domain	Requested by
61	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com www.hits2mali.net cdn.ampproject.org pagead2.googlesyndication.com
45	www.hits2mali.net	www.hits2mali.net
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.hits2mali.net
19	pagead2.googlesyndication.com	www.hits2mali.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.hits2mali.net
14	brain.rvty.net	googleads.g.doubleclick.net cdn.rvty.net
8	www.google.com	4 redirects www.hits2mali.net googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	ad13.ad-srv.net	1 redirects brain.rvty.net ad13.ad-srv.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	www.hits2mali.net tpc.googlesyndication.com googleads.g.doubleclick.net
4	cdn.contentspread.net	ad13.ad-srv.net ad3.ad-srv.net
4	ad3.ad-srv.net	ad.ad-srv.net ad3.ad-srv.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
2	www.awin1.com	1 redirects ad3.ad-srv.net
2	e.dlx.addthis.com	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	s0.2mdn.net	tpc.googlesyndication.com
2	ad.ad-srv.net	brain.rvty.net ad13.ad-srv.net
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.hits2mali.net connect.facebook.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sdki.truepush.com	www.hits2mali.net sdki.truepush.com
1	media.kaspersky.com	ad3.ad-srv.net
1	googlecm.hit.gemius.pl	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	www.google.de	www.hits2mali.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.hits2mali.net
247	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
youtube.com
api.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-23` - `2022-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sdki.truepush.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-02` - `2021-10-04`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
ad-srv.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh
media.kaspersky.com DigiCert SHA2 Secure Server CA	`2020-05-14` - `2021-05-19`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.hits2mali.net/
Frame ID: 9FAF93D29718BAAC7994AAFDF852CC13
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 26F52F5DF1E1F0C71EC82068D8C3436A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&adk=1812271804&adf=3025194257&lmt=1615823566&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.hits2mali.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615825828427&bpp=15&bdt=122&idt=187&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7210220457823&frm=20&pv=2&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: 1B7552786B3CBF63C807CEF6F4587971
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264
Frame ID: FAB8DD679722EF768362BFF6FC4A450A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259
Frame ID: 6F3984FA7C5A5118A83E6E95A093F634
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223
Frame ID: 5636A89FEDD4C2FD8FACDEA754A76C5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17
Frame ID: 175DDBE8CA2AEE00D8A364BE35749FC1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23
Frame ID: 40DD0E2B9C53FABFE2758BDBD6F2FA5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27
Frame ID: 0AB5BEAA4AAABBA0A87CFD9B02CDB5F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32
Frame ID: 48A84860FE29146137A0CFC65C53EB4C
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
Frame ID: 0CF0C8EA6760DCE53ACEB7AA37BC7F41
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D07B18B06E29CC967884A2B8AC690AC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html
Frame ID: 5E6C7A5291BB5FCCCB41FCA167FDBA77
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A602C563D6C1F9BD4647DBA3D52987CA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html
Frame ID: 53C80E05EAC3C203328768E05DFE3FDF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CeJ3LpItPYL2KOs--bLyDmqgOuMv12WHQ17er1A2L_PTrzSIQASCzh-1wYJWKuILIB6AB7__f4QLIAQmpAlqpvjoZX7c-qAMByANIqgS8AU_Q4oBRgCw6SLtqAV5862w6vuxJWoZZ2k0aQYg_WcJ-rw7ReJedIT41qVAC3j-kRrgbgF7qwwM6gHJ18bhRp7rgvxpz3ciDisWjce65EpfvHZKsadrSSp0iL4eh80Fgi0nlQ6SbzBl4zlsRgyCPSZJu0L1H5JGMzXnbXwBXrRV340HOytCLrVc5XBD5TLBYIlRaN2r_mlaRTw_ZAsd-m0iupdss2ix_Bu3Co6rbIasBO04evA80FGTjbz0twAT-79TAtAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-f-fngGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9q4U0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTIxNjYzMDUyNzY0MjI5OTc&sigh=ufKYnq4me94&template_id=419&tpd=AGWhJmsYc2VRtHcTAI78jrWhzJpOlKFNtLNo4tATwsIfyaPSqw
Frame ID: F6F82746D2D0701AF577D2A2F8B5162A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html
Frame ID: AC8BC3C9358EC65A03EA9A8927B8182C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CpyNwpItPYMfUMJSTlgS02ovwA7ngwNJhgbPpjK8NrgIQASCzh-1wYJWKuILIB6AB0Maj4QPIAQmpAiLReUlCbn8-qAMByANIqgS2AU_Q1tXuy4HLzfnyC_clNslOVeD9E0Yyjo39gxq3OI9OhkjgsSgwOsGyCK1fdfqRbdNhsN9ZRr_kHoQbBWzRyo2unK6wUZx3e9dY_N_ADBdahg1b0ZF5vTXnIkR8NXy7SJ6kK4VHw2HicDZ5I6JXxsMTC10grmJ0Y2XjsSFy7sV6ed31Fr9-iGFWiuvECOhspxGr5KwMDwH8GdMURtqksSmTRoCSuSfc9431dY-PIeYicKj2BuZCwATfl-DQmQKSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDJ5CLSCAkIgOGAEBABGB-ACgHICwHYEwyYFgGyFxoKGAgAEhRwdWItMjE2NjMwNTI3NjQyMjk5Nw&sigh=UtF1-wFm624&template_id=419&tpd=AGWhJmt5t9yk1gdOyWIzErHjii8V4vYBeamMV5XNcQyxtgsU5g
Frame ID: 518EF74F803755DC0D8575D1A2563483
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 54D9E23066A8387086A6C2CEC0C30A1F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 662DD8D25CB34355E03E93C3ABCDC7C2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: B0E2A0D50C6B930316C57C4EF403D447
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F339637DE44038CB663EB9DC56945E49
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html
Frame ID: 6760C0162DB1585FC26C2ED1C77F16A1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CtzZHpItPYK7JOauB9fgP1OeGwAm4y_XZYdDXt6vUDYv89OvNIhABILOH7XBglYq4gsgHoAHv_9_hAsgBCakCWqm-Ohlftz6oAwHIA0iqBL4BT9Cl-A6lidN5nU8wjF1mrylKPrCToKrhLnsCTFq-71lpQmnq17Ei-Ov6i2TVNSjRbPHk1KzdO8KFDhQ1ucQFhVGemwdC4LRuQGYr-lCa5f5IC1UE346MlGUUqABPDohoGi2kOAfHo7n7ixYdBBweLmy4tTuRODbnGpIdfkx3c5G6v9ERHdB1ptf9YAvH2YEornmeQ5bJvKtajGkUzEciO1QrT_W3DjR-ke_ehCV5PSHF7yEom6-kcL0LVw5RDMAE_u_UwLQDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_n_n54BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJXGAdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yMTY2MzA1Mjc2NDIyOTk3&sigh=UMX-qgUHQbc&template_id=419&tpd=AGWhJms_q1BDTMWitOI1KjkS07ximfwlNqqMS2IPD7rSE8blKQ
Frame ID: C76897B793ADD76E6AA25BB34142BA53
Requests: 7 HTTP requests in this frame

Frame: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Frame ID: 0F44EB9258BE64DDDD5C57A13658DB38
Requests: 8 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 250CC94A350DED9A9197C7EC1DD97319
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D7F8C20CFDA02473C099B6480ADECDDC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: 6CD9B8231D22F3DD4F5C267AAB0283D4
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519520&v=14098&q=368694&r=278235&pv=1&pref1=70685700198755200905267011534003
Frame ID: 349D8619A4B370659D254D3E0D24C833
Requests: 1 HTTP requests in this frame

Frame: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Frame ID: 6DF3321F11F85533C7AF072077D02EBD
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F121F384111F17F43D0360DACE93D8A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

247
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

41
Subdomains

40
IPs

8
Countries

2494 kB
Transfer

5910 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hits2mali/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hits2mali_officiel/

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCV7UbOnMKFaF4TUki3Rw6AQ/?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+22375153405

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CKbuw6Tcsu8CFabuuwgdHNkD2Q;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 93

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5Ay-v-ix_WGLGFtI_HHCVxwaDmkMYZr2yLU_ETiRui2s7d3OMch93fKXCjD&google_gid=CAESEC3UYRGXPEV-ujlYi3hVdy8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVATHBRQUFCQkI4VWhkMQ&google_push=AQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5Ay-v-ix_WGLGFtI_HHCVxwaDmkMYZr2yLU_ETiRui2s7d3OMch93fKXCjD

Request Chain 94

https://d.agkn.com/pixel/2175/?google_gid=CAESEHjSV9fENw7SxuoZwEBq0gU&google_cver=1&google_push=AQvitULombakAXmJn01KIKzIXXPaC4VulQ9tuQgl3gjnMtq_irlf7ug7cq7SABPGbS8SlTRGt9muHsNZ_DfnAnaylOHZ0n4FNduWsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VIalNWOWZFTnc3U3h1b1p3RUJxMGdV

Request Chain 95

https://rtb.openx.net/sync/dds?google_gid=CAESEFAv9klbaqqxzF7E3EYWSW0&google_cver=1&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFAv9klbaqqxzF7E3EYWSW0&google_cver=1&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q&google_hm=OdHUmRv1znIrbzB0EktYrA==

Request Chain 96

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBBiQqNFwia6CkYqDFnD_wg&google_cver=1&google_push=AQvitUIjx1RIqj7DRPC0xVzDG9uU9IQpVPTjGRoWBraIodt89BNMhRH_ouOXx6J9VAUpp0wjRVzBub0hHjscbqnq4JhrsNTol1EioQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBBiQqNFwia6CkYqDFnD_wg&google_cver=1&google_push=AQvitUIjx1RIqj7DRPC0xVzDG9uU9IQpVPTjGRoWBraIodt89BNMhRH_ouOXx6J9VAUpp0wjRVzBub0hHjscbqnq4JhrsNTol1EioQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIjx1RIqj7DRPC0xVzDG9uU9IQpVPTjGRoWBraIodt89BNMhRH_ouOXx6J9VAUpp0wjRVzBub0hHjscbqnq4JhrsNTol1EioQ

Request Chain 97

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBXyteUi2spqaFUzO8WlDTo&google_cver=1&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k0Di1VluLnOal_vyizPuRqA2OLjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1o5ODQtUS1BUVda&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k0Di1VluLnOal_vyizPuRqA2OLjg

Request Chain 98

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk&google_cver=1&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD_tsNyjkKGMiA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk&google_cver=1&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD_tsNyjkKGMiA&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD_tsNyjkKGMiA&google_cver=1&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 150

https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=1332377411695&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=1332377411695&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 169

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn1rumqgEQgAQYgAQyCKpaVzU2OX36 HTTP 301
https://tpc.googlesyndication.com/simgad/1983956361488939258

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 208

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBp9D1EDPZilztYCmAg_FAY&google_cver=1&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQVlFrD7c7rFp65W3W9DVYvD2Z46psph3Iu7dyed72MghA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQVlFrD7c7rFp65W3W9DVYvD2Z46psph3Iu7dyed72MghA&google_hm=w_5KBdfpTbn_lG1Fw7vlyw

Request Chain 209

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA&google_gid=CAESEOiYfF4X6c2CmAkF-7RrU5E&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA&google_gid=CAESEOiYfF4X6c2CmAkF-7RrU5E&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA&google_tc=

Request Chain 210

https://rtb.openx.net/sync/dds?google_gid=CAESEAjBZAO2S5Rb8mnwBEmRuvQ&google_cver=1&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc&google_hm=OdHUmRv1znIrbzB0EktYrA==

Request Chain 211

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMfPDHx52kVVpBvvVFdNwRo&google_cver=1&google_push=AQvitUI9PBkaPrMh69EOz6q_PDx-bcCAZ8xfRUsxYTMcfFZh0gqu0dM0Gb966c3kiL6VlE-KWuG6Z713ukSSGDC5rJuMQnE1iqJJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI9PBkaPrMh69EOz6q_PDx-bcCAZ8xfRUsxYTMcfFZh0gqu0dM0Gb966c3kiL6VlE-KWuG6Z713ukSSGDC5rJuMQnE1iqJJ

Request Chain 212

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGXeF4lkn_TLLkAVRK-t-js&google_cver=1&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINVNkpquebQ9ZpTNaZtTt7OFgOV1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1pBNDgtMVktNzA1Sg==&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINVNkpquebQ9ZpTNaZtTt7OFgOV1

Request Chain 213

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECS4W3E7ecUscZ7nHMmikD4&google_cver=1&google_push=AQvitUJmtGY2qeCvfdNtwPAhK9Fo7u7fBi8txU13nHGg39Y3cE2iy0ihsJPuAatdmg-tORF6EsOpdlVB_-Ppqxp4vq0lkxkT6NZp0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUJmtGY2qeCvfdNtwPAhK9Fo7u7fBi8txU13nHGg39Y3cE2iy0ihsJPuAatdmg-tORF6EsOpdlVB_-Ppqxp4vq0lkxkT6NZp0g&google_gid=CAESECS4W3E7ecUscZ7nHMmikD4&google_cver=1

Request Chain 214

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENjA1f2HMxw8Ai-0yn1TJ0g&google_cver=1&google_push=AQvitUK-vJwO2itiy5NN0E_Iqv7_h21D6qCyPAYvPMo4774PvrRKrLYvty-rCEeriHuXFAkVGbIUnq2PBz3xdZb9n8zcyvf4_l1nN7I HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK-vJwO2itiy5NN0E_Iqv7_h21D6qCyPAYvPMo4774PvrRKrLYvty-rCEeriHuXFAkVGbIUnq2PBz3xdZb9n8zcyvf4_l1nN7I&google_hm=

Request Chain 223

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 232

https://www.awin1.com/cshow.php?s=2519520&v=14098&q=368694&r=278235&pv=0&pref1=70685700198755200905267011534003 HTTP 302
https://media.kaspersky.com/de/affiliates/KTS-Promo-468x60.png

247 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.hits2mali.net/ 113 KB
20 KB 567ms
535ms Document
text/html 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fb6c7a549012df0d91ab7d80e6dbcd027c08924c2c95f144a50b10c94564f2

Request headers

:method: GET
:authority: www.hits2mali.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-type: text/html
set-cookie: __cfduid=d03d94a91e6f8f321ab3b91faae660c081615825827; expires=Wed, 14-Apr-21 16:30:27 GMT; path=/; domain=.hits2mali.net; HttpOnly; SameSite=Lax; Secure
last-modified: Mon, 15 Mar 2021 15:52:46 GMT
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 08d8528fb70000bedd38187000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zybaejpYBWVgQiHC0ZOHNJGfLo%2B4H8mPAL1NAcQ%2FeIFZPI4lLWMPn1RTcOrOokhrV%2BJ7oFz0%2BNDX2db1jgKvQy9FDmL19gY3NmiW2e6cFgUps84cMSHvty%2F%2F%2BxJPlw%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6307205f8f76bedd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hws47.css
www.hits2mali.net/wp-content/cache/wpfc-minified/nl3e9p2/ 92 KB
15 KB 28ms
27ms Stylesheet
text/css 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/nl3e9p2/hws47.css
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f8cb13413e3fa7339ddaae55b6f08b912c6b5ad0f5d0bd75bd698f353e0655e

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2265
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291d80000bedd112b5000000001
last-modified: Fri, 05 Mar 2021 21:45:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q31RpuakbY9v3dXsoF2QkxXcn8ceT%2Bfvcy6Dre7JOMhWwUgplxkqX9aZR%2BDUE7%2FR%2Bc2Y6jAVN7oZphRU1I%2BStGES2NCKg6cvJpKXsUU5KsqlI4s8Jfjv7IXcKd16IA%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f8f8bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext&ver=2.7.5

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb1ff5539042648a17a637865be080ea15bf4b79a4f7bff52b34262d686ec1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:29:32 GMT
server: ESF
date: Mon, 15 Mar 2021 16:30:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 16:30:28 GMT

GET
H2 200 hws46.css
www.hits2mali.net/wp-content/cache/wpfc-minified/8ayercmc/ 260 KB
37 KB 23ms
23ms Stylesheet
text/css 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/8ayercmc/hws46.css
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed14813b0d6fd46c6a831f0f61a067a5266804b45f6dc3ce3abf6418683b3f78

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291d80000bedd7d1c7000000001
last-modified: Fri, 05 Mar 2021 21:45:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xpaZi4F6ZP51erRwgaF7q%2BjQIAeaCvd0qKl2xIgfWg0Ipr4V8mTMm%2FTogbUroS3sEClrz%2FBG%2Fa%2F4xM3rCXvgBuR8htjtR2s55BbtpZHFtmn3MSQhntlQesZRKTkRdA%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f8fabedd-FRA
expires: max-age=A10368000, public

GET
H2 200 hws46.css
www.hits2mali.net/wp-content/cache/wpfc-minified/jma351z9/ 180 KB
18 KB 22ms
20ms Stylesheet
text/css 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/jma351z9/hws46.css
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674732c3f9a1e0c234c724395abf37d2803266f4e2bb8108aa18ccb4c2143888

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291dd0000bedd328d8000000001
last-modified: Fri, 05 Mar 2021 21:45:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oyRpA17MJLjRGNfnz80IqOqwNLg6gfeorZH9Ca6ezQCRqhRAqRbATtDiG1Gs1D0HbQfXV%2Bc7YmEXadElEydZhT9eN5hyT62JouuwC824UxIJAwIck5JESth2ae5yYQ%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f8ffbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 style.css
www.hits2mali.net/wp-content/themes/boombox-child/ 944 B
790 B 14ms
12ms Stylesheet
text/css 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/themes/boombox-child/style.css?ver=2.7.5
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498d2ba49e0e725549c4cea2c43ca9850750ee1ef7e7f8f1293bfa3fc79cf28f

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291dd0000bedd8122b000000001
last-modified: Sun, 27 Dec 2020 18:23:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8%2FxcbSSCVWj0ZEAFEWB51tfinSv%2BplfGqSbxxRjtqjfpTO%2FPkYwxsZ%2BmKLe1V70Dfv%2FfKKeb90AqsvG8VFYFZi3BMu%2FHS%2BbJzGk1AClaO3U8zZgQREcGaqFdiu%2BlHA%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f900bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 hws47.js Show response
www.hits2mali.net/wp-content/cache/wpfc-minified/6okgwbvs/ 99 KB
33 KB 25ms
24ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/6okgwbvs/hws47.js
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a364b6952667b409ba211c9cb9fd1696ab40581511f5bc010fd9e345cf3c130

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291dd0000bedd709d8000000001
last-modified: Fri, 05 Mar 2021 21:45:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ac1a6Qgar3RaeQ%2BFQSPE3a0XUw%2BcBF5oqlnPsHX4%2FZzMRe1lduwWuZ%2Bat2tY4FGCBTwH4r7oLosXAlobOczaKygbcPXMjwWzD2Cyq8IWfrJLBI7EuOlvRPqWT4FENw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f901bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-88655266-1

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

781841d10df4638214845d3c463a0efd72048853577730c42ae419493546c73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39795
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 16:30:28 GMT

GET
H2 200 hws47.js Show response
www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/ 10 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/hws47.js
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d04b82fa4a960828ffa6e2b1d7317098291cf889308254816f6cef361d736ce

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85291de0000bedd79905000000001
last-modified: Fri, 05 Mar 2021 21:45:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cSLnf4e%2Bsy7r1sS1A4WL6gakbaLk0V74XgBbDdXG1D%2BZCunTVFh7z8b8iYCD9SrPfYzNyfbwqtZow%2BCyo1NXZuMiajB3Q4lPiqkgwTgp9IxiKfMnEVo8BHvpfpdDqg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072062f902bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f935c701cf4f28193cc917220550b6da379012569b445d0f2627255031456b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49963
x-xss-protection: 0
server: cafe
etag: 14654040754866382683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 16:30:28 GMT

GET
H2 200 logo-marfeel.png
www.hits2mali.net/wp-content/uploads/2020/12/ 12 KB
12 KB 21ms
19ms Image
image/png 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2020/12/logo-marfeel.png
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0798ecc3abc1ebe7959ae040722dfa8c4d8fb400a8834dc0cbb491bef2dc8d47

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2255
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11949
cf-request-id: 08d85292540000bedd7da1b000000001
last-modified: Sun, 27 Dec 2020 20:10:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YQM8XqRwvTh7O8%2Bhx9BHM1RV1wLFN4C4ivKIJBZUBNV23Sp%2FzDI9%2BVGh%2FiRk%2Bvng9NY5TYyZ%2FgV6lUm479jUbmeqQvb%2B14QMXEsg1rR3rYbfviJiZvnnrL8Rqm3QgQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072063b96cbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 app.js Show response
sdki.truepush.com/sdk/v2.0.2/ 1 KB
947 B 56ms
12ms Script
application/javascript 2600:9000:2182:5e00:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5e00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e34da8bcc5cecbb4fd81779f88a5d113ee7109562ee83074e20379d85277cc12

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 22:57:07 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 08:54:12 GMT
server: AmazonS3
age: 581602
etag: "5ccd56c9afc88be90be3503b31508d68"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 581
x-amz-cf-id: KtFw7gnhVEX-gqC2fJoUkl7ecMyX397fm1YE_sHdD6iUuY_sFH0JOw==

GET
H2 200 wp-polyfill.min.js Show response
www.hits2mali.net/wp-includes/js/dist/vendor/ 97 KB
32 KB 23ms
23ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2263
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292070000bedd79907000000001
last-modified: Thu, 13 Aug 2020 17:19:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kcl0I6F%2F0MvIF457IR8ohSw0%2BeQEe8BDGYy33Sn1ykWIlLhCR8oGMXu3ueGTEDn9yx8%2BSAifZyMd6BPFelv%2B42dpMvu%2FCCVznKNu5jm%2BDPHhyZ7xo30g5TpzZC9%2BrA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 630720633917bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 hooks.min.js Show response
www.hits2mali.net/wp-includes/js/dist/ 7 KB
3 KB 12ms
12ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2263
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d852920a0000bedd5a801000000001
last-modified: Wed, 10 Mar 2021 04:44:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LajjJJTx%2Bam2tIqWyEsK4W66j%2FSJhmqAsrqafRDLBzxAan8p5EIsmo9Oq9VEfkhkk0NfxMIvYYUaXHXfEZ4bDDhmdtQqbvqHPB5Rnn%2BoGSkfmdOd5RhAzTqxi4aHRg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063491cbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 i18n.min.js Show response
www.hits2mali.net/wp-includes/js/dist/ 10 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2262
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292230000bedd689b5000000001
last-modified: Wed, 10 Mar 2021 04:44:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TjOcg3dvzJXr5QVGPCfQwleEsI4DfWgLj5vcd1bzmv8Kxx3LbmmfGVF4iz%2F%2B5dyZmJo%2F0OXJW%2FWGyHWxVa%2BoFgR2wegpkAlogcROIUrST6y3gOpHLVLkmL704NjtTQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 630720636931bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 lodash.min.js Show response
www.hits2mali.net/wp-includes/js/dist/vendor/ 71 KB
25 KB 24ms
24ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2262
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292350000bedd748d9000000001
last-modified: Thu, 13 Aug 2020 17:19:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S95MkS1gQf83AD75akYNvfiYxoWtUGLA9d5cyRZpEZ%2FW2st9zNgxdvfnsUwjNlDOFfhb4ib2jbuNEPEOg18L8i6AOvXxD2clz1cySEeko6YkKNqoYZscVH1lwK0HFA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063894abedd-FRA
expires: max-age=A10368000, public

GET
H2 200 url.min.js Show response
www.hits2mali.net/wp-includes/js/dist/ 8 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2262
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d852923f0000bedd8ab2b000000001
last-modified: Wed, 10 Mar 2021 04:44:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9FyQyatne%2Fl48I5bsz%2BdTYyI4DiMRQ2f5HRS3rTFRnkhNPIXf7rnNa3DAgX4O4TNccPck8EuUv%2FsBH%2F11APUNLu%2Bnuu7RmwBsz%2BxFfz1ZjNDrUx6tH6J%2B%2Boamp5jw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 630720639956bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 api-fetch.min.js Show response
www.hits2mali.net/wp-includes/js/dist/ 12 KB
3 KB 16ms
12ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/dist/api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2259
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292510000bedd748da000000001
last-modified: Wed, 10 Mar 2021 04:44:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uELcbGRJDW2IzM6T6y9lay%2BEEpj7lN1zn62UJ%2FBgzjqO6CSyE44UPHMhAerbpE0JHV35M%2Bz3EvSy%2B6oxiIpKZ8UEDxIHVVrJxQ9w2B5gKA1KB0yIN0jmmc0Bb9m9SQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b95fbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 index.js Show response
www.hits2mali.net/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 20ms
17ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292510000beddf9922000000001
last-modified: Wed, 24 Feb 2021 11:58:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4aR9JlBGJAGjf6819pEHWzJoafOdkU0nU%2B3RFifSXpBL3lOu6E78NTlDqBFISq137xmXkwBrcMV3hjqnE535ZQt1ElpDQdDgJu574axMsqsAeDIF3CUXdmii9HAnZw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b960bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 rate-my-post.js Show response
www.hits2mali.net/wp-content/plugins/rate-my-post/public/js/ 24 KB
5 KB 22ms
18ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.2
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2248d914ed026123d24771f29b755d88e8da4026dbc22de4277aba8dff11fa67

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292510000bedd82b7d000000001
last-modified: Sat, 13 Mar 2021 16:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5YKX%2BsUN57fQ3jzszMilPmYjV7tdCHGuiHW4JktfdpBzPq55CGfbwhBGlpRGyfnhJjY%2FqW2lkxl2PqfFDEQJKYONBS5hXJFyfy4cTTCPWQtCNZFcm8uitg0VwRT1xQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b961bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 uk-cookie-consent-js.js Show response
www.hits2mali.net/wp-content/plugins/uk-cookie-consent/assets/js/ 2 KB
862 B 21ms
18ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=2.3.0
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292520000bedd46b41000000001
last-modified: Thu, 31 Oct 2019 13:52:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y0OxThsj%2B7nAxoalNJiO14Cge428TCpjPDrzPFaAPTZf0gO7D2wu3d%2BFOoXjki2LkmHQ319BY%2B80WCAoXQZyHsBKt05Tz8%2BNi5zPoV1XIGrn5s02wOTz6WbPVpRnNg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b962bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 scripts.min.js Show response
www.hits2mali.net/wp-content/themes/boombox/js/ 126 KB
33 KB 26ms
22ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/themes/boombox/js/scripts.min.js?ver=2.7.5
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a800978f7ebfa4bfd016bb99fa5d84eddad32ce207d6d693ba2e5cb9993b0e91

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292520000bedd26206000000001
last-modified: Thu, 04 Mar 2021 04:44:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jrMYCuiEzQTXVAUqgZDRlSw8MOrSXPIXiO5%2FVYJgsIAPra7SVeN96Az6llLt9KawSwDP9ZzpThdQzIQwnPvfrA7En25MUvke2i1wdK%2B7aQXd%2B4%2Fi0VMrtbaF1iMRRw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b963bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 ajax.min.js Show response
www.hits2mali.net/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ 3 KB
1 KB 25ms
21ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/themes/boombox/includes/rate-and-vote-restrictions/js/ajax.min.js?ver=2.7.5
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d23c44cc050dcc8a3619657db6c3310445d109b22be9c8041fa200a21a41cf

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292520000bedd200f7000000001
last-modified: Thu, 04 Mar 2021 04:44:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eHCc%2B%2BR0%2B4hrp2Z9%2Fa9L5JA8M6E0to5WcCqYiN7j6SZ7YxFUByUPIrPhGWavtMY7QVlyGYVaH%2BEY3US4fDrqYWWBY5nKCmuzB2Qqg1RVCg0XLJeQ%2F8e7IOE7e2Yb6Q%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b964bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 shortcodes.min.js Show response
www.hits2mali.net/wp-content/plugins/boombox-theme-extensions/boombox-shortcodes/js/ 2 KB
1 KB 22ms
19ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/boombox-theme-extensions/boombox-shortcodes/js/shortcodes.min.js?ver=20160609
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bec8ca3fa9b827b949d1b9ce9798b418e33ad31e55df1d73e06ee1350fd718

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 743
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292520000bedd08065000000001
last-modified: Sun, 27 Dec 2020 18:47:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aLPNeJgMYHoazg0tsCnfhgc396wbS%2F%2BYqq6m0WNDyDeL%2BNjCXUJJonCmmb%2Fsv6JRnm40zDM0LvLV%2BOD8zr2ZknGE4WI7N91JxhE%2FtI4PFDrb3NdjurZcEf83nmRFgA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b965bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 essb-core.min.js Show response
www.hits2mali.net/wp-content/plugins/easy-social-share-buttons3/assets/js/ 54 KB
13 KB 20ms
17ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js?ver=7.6
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e5d7d3d8216e2398771bd9181bd2b769f2ab95965300306ea443a6d32aa3ab

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 743
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292530000bedd328df000000001
last-modified: Sun, 27 Dec 2020 18:48:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q2EMMPXOBZxW7rucSWGG2%2FBvh1ZFB5jbHMKVgN7IZT6Jgfv9RrR79zFkIcetTJslYXhribRfziU8nGF8zVfwc9Va2ZjTEKv99fmoC%2F4oeS2O4FPLPk7lEEDOj2G1mg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b967bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 fitvids.min.js Show response
www.hits2mali.net/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 19ms
16ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2256
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292530000bedd86993000000001
last-modified: Tue, 09 Mar 2021 04:43:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rmu3ANf9nysUqxQyz06rlwpQUWbJ2wF41CB7kwUTHKUti0AtkrV%2Fh3o%2BswBJ3e0K24O0Sd1ZGexjhT1PJ07Fos2tZCjQ09JvjwGjhMm0R67CG9WfrgdXcaFV7494AQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b968bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 wp-embed.min.js Show response
www.hits2mali.net/wp-includes/js/ 1 KB
963 B 21ms
18ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2255
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292530000bedd112bb000000001
last-modified: Thu, 04 Feb 2021 13:52:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M7gLTZen2kCTlKiR73ZJGgxFGaX9y0Q2zaJiC7drSM%2BNcJr2ACa21yO%2Fls45gzKV3X2T5gQSclx3kJ%2BnOhk7e2g0yrr891JGA%2BAAARvDWk7ojQepv90A%2BFVI%2BzQ2Pg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b969bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 ads.js Show response
www.hits2mali.net/wp-content/plugins/quick-adsense-reloaded/assets/js/ 80 B
425 B 18ms
15ms Script
application/javascript 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.21
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2d13e3cc15c56e77174be6b1567b8b604d62ff2cefe6d9df22c02341b1d80b

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2255
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d85292540000bedd6c1d1000000001
last-modified: Tue, 09 Mar 2021 15:02:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0F41ntjG9kDjkCuOt%2BDVhJol4qg2WejTtmQQfyr%2FOdtluVw48irO8JACmA584R71ok1PtGK%2BhSq%2FWRuTDBMz%2F9TRMBmfJOKFC5rJbBOln5J8xubS%2FUhEwKwTMxkyXQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 63072063b96bbedd-FRA
expires: max-age=A10368000, public

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2166305276422997&plah=www.hits2mali.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 16:30:28 GMT

GET
H2 200 ui-icomoon.ttf
www.hits2mali.net/wp-content/themes/boombox/scss/icon-fonts/fonts/ 53 KB
53 KB 437ms
436ms Font
x-font/ttf 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/themes/boombox/scss/icon-fonts/fonts/ui-icomoon.ttf?b8kvzv
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/8ayercmc/hws46.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bae3d2263f38730a81ad4a2367def471bd963e0abde6446dbe49fff52d8046a

Request headers

Origin: https://www.hits2mali.net
Referer: https://www.hits2mali.net/wp-content/cache/wpfc-minified/8ayercmc/hws46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54188
cf-request-id: 08d852925a0000bedd67bce000000001
last-modified: Thu, 04 Mar 2021 04:44:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iu98YJLF54JF2CspxvgVscp40Gr6l8ui6%2F%2FHqGh2T8DE7zl6cbwaGpJyvH23sohkQKmeTISH5HV4oZjS1gINPPd5wv3Dm%2B0rBZyk8DAaI47W6HwBHrWFnOpDOQG%2BNw%3D%3D"}],"max_age":604800}
content-type: x-font/ttf
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072063c972bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 bb-icomoon.ttf
www.hits2mali.net/wp-content/themes/boombox/fonts/icon-fonts/icomoon/fonts/ 72 KB
73 KB 423ms
423ms Font
x-font/ttf 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/themes/boombox/fonts/icon-fonts/icomoon/fonts/bb-icomoon.ttf?tppylb
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/nl3e9p2/hws47.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ddf44704c93f670e08c0074597de17fda37f4b2509a749be37ee0da41b50e7

Request headers

Origin: https://www.hits2mali.net
Referer: https://www.hits2mali.net/wp-content/cache/wpfc-minified/nl3e9p2/hws47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73944
cf-request-id: 08d852925a0000bedd5294d000000001
last-modified: Thu, 04 Mar 2021 04:44:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JKeVyEuCbXWAVvWnR0JlEo1JWmQy%2BuCG%2BYdAYCR2D1dnixjWIHi1i1rXxEd77IDqHmpm3AFdcivpg6oRgXls8hpHvBOLqu%2FFrT9OQiGbdTWvvY6DA%2B6bEv8YksHo9A%3D%3D"}],"max_age":604800}
content-type: x-font/ttf
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072063c973bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
www.hits2mali.net/wp-content/fonts/montserrat/ 16 KB
17 KB 432ms
432ms Font
x-font/woff 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72

Request headers

Origin: https://www.hits2mali.net
Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16888
cf-request-id: 08d852925a0000bedd748db000000001
last-modified: Sun, 27 Dec 2020 19:17:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kz8iBVjhvHbMFZMumWsqJLQSQyATLFuGU%2Fr3%2BZBys0jrIxOvaf22kGW3AY9M%2Bg6OAMZPTWh7KucfZuZ0sCm33Av2n7KFGqHq3TXOVDFFyMGDbLupOuZJd1WZFFc7%2BQ%3D%3D"}],"max_age":604800}
content-type: x-font/woff
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072063c975bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext&ver=2.7.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hits2mali.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:38:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 409939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:38:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 26F5 10 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Mar 2021 23:47:12 GMT
expires: Sun, 28 Mar 2021 23:47:12 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 60196
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
www.hits2mali.net/wp-content/fonts/montserrat/ 17 KB
17 KB 423ms
422ms Font
x-font/woff 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hits2mali.net/wp-content/fonts/montserrat/JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31c2c15435770ff162b185bbc6bead3a72af4af9da3a5801b0c5f5512eb44c5a

Request headers

Origin: https://www.hits2mali.net
Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17180
cf-request-id: 08d85292950000bedd8ab2e000000001
last-modified: Sun, 27 Dec 2020 19:09:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GX0zRUIBjLfHyIeunoA2dOWXjziQL2ALK2S7Km4XlTDapOTClTCX1EywC8RDTpJyVp9WJK9r0XDO7kwlYCZMgqcvPjLjUvxReAqr4kEIpY60x7cd%2FMujds2It0i7iQ%3D%3D"}],"max_age":604800}
content-type: x-font/woff
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072064299cbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 MICRO-TROTTOIR-Tu-fait-quoi-Si-tu-decouvre-que-toi-et-ton-frere..-aimiez-la-meme-fille..-YouTube-min-360x180.png
www.hits2mali.net/wp-content/uploads/2021/03/ 46 KB
47 KB 24ms
20ms Image
image/png 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/MICRO-TROTTOIR-Tu-fait-quoi-Si-tu-decouvre-que-toi-et-ton-frere..-aimiez-la-meme-fille..-YouTube-min-360x180.png
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e82bbbcaab44d35f211682867f3bba3298761dacb4361c7ac6882004ea0e86f3

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 64
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47588
cf-request-id: 08d85292cc0000bedd7990e000000001
last-modified: Thu, 04 Mar 2021 16:57:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s0y5lK8X7FNuMehJmtTJZWM54aP6dso4pwitmB8oyMbZYG0yIJkqF9MZHlEAi%2BASxAnhWnUYPhfh3%2FHT4KnCcb5l75Gw6%2BWDUEyVa4KNWkjDfbWzuKlDNWjITCxEgQ%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b3bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 buzz-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 19 KB
20 KB 18ms
15ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/buzz-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36a10b690a4f05841e54cf24f1c9d195dc30dd47f4048ccac137d7b0537da70

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 63
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19835
cf-request-id: 08d85292cc0000bedd689ba000000001
last-modified: Tue, 02 Mar 2021 12:54:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UO8RcgXNROjEKKkSXY2uBHwMSbc0YKsGeHWT%2BVe9U4I9%2FfhRcQ5i4SGA1dNfUs2zgtoPE5StPL5sLsFCGcpYI5VMxk43FrmwMLpEputwVt9lE0QFXfN5cSMfj9T7Nw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b4bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 MELO-KING-KOULOUGUE-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 17 KB
17 KB 23ms
19ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/MELO-KING-KOULOUGUE-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc30e767c967ef2ef26596537a154777091258db628062b77102ae6ee5fa6c0d

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16928
cf-request-id: 08d85292cc0000bedd52950000000001
last-modified: Mon, 15 Mar 2021 14:56:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FIZJnIiL1SqGfC%2Fn36Xd%2BRMScaEjAERQ9BFdYKvCUfv6HJox84JRWBdGN8x01oaXySfvh3AuRQhHhgEXJvJUyF4HJ3gwEVVVJoqHPC2mefcNLNpf2hHNe3gPoOFBOQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b5bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 ADJI-ONE-CENTHIAGO-BADEMBA-SYLLA-HABAKERA-SUPER-AUTO-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 22 KB
22 KB 16ms
13ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/ADJI-ONE-CENTHIAGO-BADEMBA-SYLLA-HABAKERA-SUPER-AUTO-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3cad361cd8677fdb3af1bb7e2170538c1924bec3178f48881620a74445da0f

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1661
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22266
cf-request-id: 08d85292cc0000bedd67bd4000000001
last-modified: Mon, 15 Mar 2021 14:51:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MtjKjS%2F1ckYHNMKrNmQkzmv%2FVZuYjsK1sMiwtxPnkpTIBFw1928XZvoDmTT9oNqOhGiE1dRDFf806XgzwRjEkHj9Y6hOqzJf7oTwnQiYaXlaJs9MF38r7KRm26Wjcw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b6bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 YOUNG-B-GANGSTA-BELEDOUGOU-FASSA-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 12 KB
12 KB 20ms
17ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/YOUNG-B-GANGSTA-BELEDOUGOU-FASSA-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3081d318b7a420cb1290d94520013bc6bb89470a6d9a7a5b71b3e3aeed7e25ac

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12327
cf-request-id: 08d85292cd0000beddff01d000000001
last-modified: Mon, 15 Mar 2021 11:36:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tucfk88lsHnQBGB%2FnoD9wsuHTf8hwThBJ90u2kuthRAMCuho%2B%2FmBRv5M5hMKD4Tf0etP2vPh%2FiuJ9khyS2aqpJphPT1perwolbMtsVPZK5VFDsht7nAR0q2iVocx9g%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b7bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 ZIKIRI-MARIAM-DIABATE-MADI-DIAWARA-FASSA-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 16 KB
16 KB 15ms
12ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/ZIKIRI-MARIAM-DIABATE-MADI-DIAWARA-FASSA-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c57157383ca65a861e9574888bed14ef371762c00c2acedcfc79b778badca8

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 743
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16202
cf-request-id: 08d85292cd0000bedd748df000000001
last-modified: Sun, 14 Mar 2021 19:53:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eYWJDVsYvGsxs1dHuq18Gw1bty0Py1qgtfCjIeTJnghUE7z4qwoPDWqsbA4iD%2BdfmFCwiaT5ql9l7wLO3XNMQSr7Q3MMmcVDgdROBO63K0tDHHirChqG2hzkq9Ytww%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b8bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 MAGASS-ICHIRACHE-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 13 KB
14 KB 18ms
15ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/MAGASS-ICHIRACHE-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8291dda38daf11b618c9fc2c4611eca762a086925ed38df46b9232b7a2fbf0b

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13752
cf-request-id: 08d85292cd0000bedd5a809000000001
last-modified: Sun, 14 Mar 2021 19:38:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZaCRPImyaigZPLvMyoTFUPUM9rTTXIXhSDfDV5ngysj1ng4%2BwjX6f52ZUyjOki%2FqHeEqR10ZbE25lYYBo2AMthOs03Vi767ZjkojYiwymN56%2BZ7G7CTjlLmvFIuQNg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479b9bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 POKOLO-CHEZ-DILLER-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 15 KB
15 KB 20ms
17ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/POKOLO-CHEZ-DILLER-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff7113813e2793be8fe500e92396ca6ef76cfc95c3c6a955d0578977b047b9c

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15332
cf-request-id: 08d85292cd0000bedd82011000000001
last-modified: Sun, 14 Mar 2021 14:42:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RnFbp0A5VblbcO3Qk5q9QYjCW3b%2BhbD3TEpIJQNZSBTYKUxvn0LC7U3NQEzbqDUyNtYPyGoLM%2FnmlegI%2BtwRkV4t1vHbcJrlu48b8rj2YFadjuQPHLKx8SZKZw1g8Q%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479babedd-FRA
expires: max-age=A10368000, public

GET
H2 200 LBHFsArc8Gs-SD-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 9 KB
10 KB 16ms
14ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/LBHFsArc8Gs-SD-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d64b04f330a03579f6aed2f6f1110bf21ab4b30a44a2043348213502f73d3d

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 776
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9614
cf-request-id: 08d85292ce0000beddf9926000000001
last-modified: Sun, 14 Mar 2021 03:49:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ytzkrPXW2WUppWTe789YKaQJ9%2Bjt2q%2BFPXmVriPlfPQJOotxW%2BmspaWZlTfh1rPQww302l7BVeRCYuhvWbgsMq0wNZT66H069bWaySteCwPoprn%2FLbvAVZlz0XfmFA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479bbbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 JEUNE-GRIOT-FEAT-BAYINI-SORA-SISSOKO-FILS-DE-BAZOUMANABA-DOUNIA-BI-MOGOYA-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 18 KB
18 KB 23ms
21ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/JEUNE-GRIOT-FEAT-BAYINI-SORA-SISSOKO-FILS-DE-BAZOUMANABA-DOUNIA-BI-MOGOYA-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47644671f68204ed99537f2898fc75d81b5aebc62cc894a9d02ccc1015b71b9b

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18367
cf-request-id: 08d85292ce0000bedd46b45000000001
last-modified: Sat, 13 Mar 2021 20:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E93eNQ6kcH72LURQZFFoQPA9b5bxzEbA0nu%2FAJWCqwftEfrjA42pSjInxXkUPwKuxdc9lCTTaqDGGLtIRcap%2FXL4htA0IM309t%2FPkwaK0KvrfFB0k%2BbQtFYv2di9Tg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479bdbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 MAME-FLOW-CHINI-TE-KALAN-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 13 KB
14 KB 24ms
22ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/MAME-FLOW-CHINI-TE-KALAN-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf03ff1b01b8de4a4490ff63292d9163f590261c444a99eea892739700ab6dcd

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13698
cf-request-id: 08d85292ce0000bedd200fa000000001
last-modified: Sat, 13 Mar 2021 16:23:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yQd%2FgcWRyJJQOsqqez%2BhQ3ceDz%2BuG8Wv3z100cO8X19V1UXgZDuj%2FbipH8t%2BUjT3CxUedTA0t7wjTzkQKuq4DSUqFB9us3F8M6WyXuocPoPDM1SW0k%2Fj9Mh4bYnScg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479bebedd-FRA
expires: max-age=A10368000, public

GET
H2 200 en-ligne-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 13 KB
13 KB 20ms
18ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/en-ligne-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779985448c3126643e59542fb5bdd015aa953395176192173bcfb7a16057470d

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13388
cf-request-id: 08d85292ce0000bedd0806a000000001
last-modified: Sat, 13 Mar 2021 16:00:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ek%2BQ6L1PtzjHVTHEmZ9%2FyiVWoO3oz7R%2Ba2NG67VUWzb3VK7SPepQYQH2JDx2SycMRwbDjgLYuwp7Gf%2FaH7R0B6xDplsif4tGQLXZnnGBq7aigiXDdD5FQicXaUX%2Fkg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206479bfbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 MARIAM-BAH-LAGARE-DOUGOU-WILI-MAOU-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/02/ 12 KB
13 KB 438ms
436ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/02/MARIAM-BAH-LAGARE-DOUGOU-WILI-MAOU-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f57ab8c4fd93c3ba461b1fa362ecbf1b1c7a761a0c507cb0d185a0c0e2a6272

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12452
cf-request-id: 08d85292e40000bedd52951000000001
last-modified: Sun, 28 Feb 2021 02:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WFblTIZ9r9Qp8sfYDz6SyNxuuGOQgvl2hUr%2Fumcb3M40eYTu67WYMjkNKOLIhBiBf6Eh21YeML0hPAlAEFGl8MY3lK47U5Yif3IWO4DjQSKyfguRRtV8yph7e3HWjQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6307206499ccbedd-FRA
expires: max-age=A10368000, public

GET
H2 200 01-NF-MAMA-M-A-L-I-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/02/ 11 KB
12 KB 12ms
11ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/02/01-NF-MAMA-M-A-L-I-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00b96b7a93061641c0c6df3f67446fc0a7c7a10c3c4829d09ae8e35bb56c6048

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 743
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11557
cf-request-id: 08d85292e40000beddff01e000000001
last-modified: Thu, 18 Feb 2021 19:31:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uN4IkW3XDjjOr74NJwpNWA5GISDlmaTvqwEjWI59ZcxeSSCBc%2BzEZJsDk2ODiiZ1eG6Rryft5aRAash9aY%2FKko8eC1h8kte730wfajd4BRRWzCRhbq9zbibBVh5UpA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072064a9cebedd-FRA
expires: max-age=A10368000, public

GET
H2 200 OUDE-MILL-KOUMA-BEY-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/03/ 12 KB
13 KB 442ms
441ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/OUDE-MILL-KOUMA-BEY-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f552b22e194625b4875315f201e40fcb4c5b7f6290bd78592d1860b179d866f4

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12479
cf-request-id: 08d85292e80000bedd5a80b000000001
last-modified: Fri, 05 Mar 2021 18:24:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s5DvBTGsKiesXANM2HEjWLPKyTSGBX8QATRYisKjUOoxXtg7BR3sDwf5%2BJnSu1BvoOiW7mcaRl%2FFB9c3z5SpNLQnf96G9zWyKJ4IhrMbrea7ytTTa7xT0BtzqjGhwQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072064a9d0bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 SIDIKI-DIABATE-THE-ACHOURA-CLIP-OFFICIEL-YouTube-3-min-360x180.png
www.hits2mali.net/wp-content/uploads/2021/03/ 119 KB
120 KB 17ms
16ms Image
image/png 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/03/SIDIKI-DIABATE-THE-ACHOURA-CLIP-OFFICIEL-YouTube-3-min-360x180.png
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c427bac2dbde25299a1a907f15f4dee13a9f8cf40e9571af674e6360f21f335

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 615
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122238
cf-request-id: 08d85292e80000bedd82013000000001
last-modified: Sat, 06 Mar 2021 20:46:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TbKuIgyZW67XLhPROj2UkK3npgpqaVAgjQweZOdFIEQ4vMtX4V8AXxsjsCACHXs95sBR1ZAHgKSz4vPupcy%2FqV9I0St8uWAAOdZSUUPxYStlsxptCZCbJbbB%2BMEApA%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072064a9d1bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 DJOSS-SARAMANI-NE-MA-FAMOU-mp3-image-360x180.jpg
www.hits2mali.net/wp-content/uploads/2021/02/ 17 KB
18 KB 533ms
532ms Image
image/jpeg 2606:4700:3033::6815:266b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hits2mali.net/wp-content/uploads/2021/02/DJOSS-SARAMANI-NE-MA-FAMOU-mp3-image-360x180.jpg
Requested by: Host: www.hits2mali.net
URL: https://www.hits2mali.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:266b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a1e46e6ecad234fb87988f226becf244ddb8b1c46024222837914f51ba1a72

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17616
cf-request-id: 08d85292e50000bedd46b46000000001
last-modified: Sun, 14 Feb 2021 18:11:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NkTZXLeZFIzNw8bGYbd09NN5ctUbzasqiYmH2E3NuPEy6Kh34yI2%2FOo54ZEmvkVtiP9DRDKfT5TFxSMi%2BoIS%2B3sJuvXi7GAbDqWvBqP1b6Gbh%2FqnEK1CNFfSh44h8A%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 63072064a9d3bedd-FRA
expires: max-age=A10368000, public

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
262 B 55ms
54ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hits2mali.net&callback=_gfp_s_&client=ca-pub-2166305276422997

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2166305276422997&plah=www.hits2mali.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

125d6a3b149aa361b1b91e17f84431659ebfdbbecdfac83836b75cba78fbd669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hits2mali.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hits2mali.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B75 32 KB
2 KB 69ms
69ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&adk=1812271804&adf=3025194257&lmt=1615823566&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.hits2mali.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615825828427&bpp=15&bdt=122&idt=187&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7210220457823&frm=20&pv=2&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50fab4b045834205808736d4192551f137a4e0db449228ea1f830ae63cbed0ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&adk=1812271804&adf=3025194257&lmt=1615823566&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.hits2mali.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615825828427&bpp=15&bdt=122&idt=187&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7210220457823&frm=20&pv=2&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:28 GMT
server: cafe
content-length: 1896
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 15-Mar-2021 16:45:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:28 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f092ded71786131e4d820295da103c34a589c05f1dd0b7e256e7ade84216cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /2AqELjFM5rsHySDQmBvRg==
cross-origin-resource-policy: cross-origin
expires: Mon, 15 Mar 2021 16:36:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: pKBO6lpULNY7lRPyK63cDLmKAIHJPIgqMJHfJyFTQ0RYoJoZpvJzdPvya0cx3db23WzhetCpbAm5jqAquqg4aQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 1d82dfc88858248d4138710cb027c7f0
date: Mon, 15 Mar 2021 16:30:28 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3754115d041e43eed44f9aa7dd886417"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88655266-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3723
date: Mon, 15 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 15 Mar 2021 17:28:25 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAB8 93 KB
34 KB 257ms
256ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f00b174c97d4dff49af8d8323008d682c2fe75f383318250c534e515cd04c567

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-zq6Tcsu8CFY6DhQodzxoEHw&gqi=pItPYPyHLoa2-wbI3a2AAQ&layout=/sadbundle/%24csp%253Der3%24/3120411795171369841/728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-zq6Tcsu8CFY6DhQodzxoEHw&gqi=pItPYPyHLoa2-wbI3a2AAQ&layout=/sadbundle/%24csp%253Der3%24/3120411795171369841/728x90/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:28 GMT
server: cafe
content-length: 34169
x-xss-protection: 0
set-cookie: IDE=AHWqTUnIWwu27TbaOTN2kAQSaW57HMEtBIsAl_GL_74Va5OH_6-lZ8ADXthdr8NwYBQ; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:28 GMT
cache-control: private

GET version.json
sdki.truepush.com/sdk/ 0
0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F39 10 KB
5 KB 243ms
243ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac70265d408672de2397bdf91cb3645e7f753280f08c0d06abf93232d6b935d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 4915
x-xss-protection: 0
set-cookie: IDE=AHWqTUn139ek6vGAw53q9zSknpwZ7oPk8_4dqVJEkvbvi2TBKAsrDh4bsfWN833obds; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5636 106 KB
35 KB 529ms
528ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d941eb88125b6e02981a66b4d0874139f98931aca9ee731e35e49d437bcefc82

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMe2raTcsu8CFZSJhQodNO0CPg&gqi=pItPYPf-L7GA2fcPh4WYeA&layout=/sadbundle/%24csp%253Der3%24/12657435737818723370/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMe2raTcsu8CFZSJhQodNO0CPg&gqi=pItPYPf-L7GA2fcPh4WYeA&layout=/sadbundle/%24csp%253Der3%24/12657435737818723370/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 34745
x-xss-protection: 0
set-cookie: IDE=AHWqTUnniKcC9s4aTxur7CynLGLNXGGRbYpO3WjKX29_k7GA3aKd1EkdCTpXUgoTamU; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 197 KB
60 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=a04cb24f3f4a3a66bc825f7f10eebae7&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f2ff07e7359eb939b3c8475e6a902cb846bb4fa714c23f9639091217d2719ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.hits2mali.net
Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IteRWYA0ocT/vq7frIzubg==
cross-origin-resource-policy: cross-origin
expires: Tue, 15 Mar 2022 14:13:33 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60556
x-fb-rlafr: 0
x-fb-debug: 5y0EyoSFCSrW3tOAjdXE5GhkeOjSgpFjMgjIrok2ZUhHM/8RzyhHHGoM8yjZAs193bAkqPEppIZz7sW1g5gCnw==
x-fb-trip-id: 917726464
x-fb-content-md5: bc2ad49c7d32bd7fd5ed03a893d49247
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Mar 2021 16:30:28 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e0702665be621ac6520614b401acaf56"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=561979227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hits2mali.net%2F&ul=en-us&de=UTF-8&dt=Hits2mali.net%20-%20Le%20Meilleur%20de%20la%20musique%20malienne%20%C3%A0%20votre%20port%C3%A9e&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1971077065&gjid=674573729&cid=788412694.1615825829&tid=UA-88655266-1&_gid=51713389.1615825829&_r=1&did=dZTNiMT&gtm=2ou330&z=1560067408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hits2mali.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
sdki.truepush.com/sdk/v2.0.2/ 78 KB
18 KB 9ms
9ms Script
application/javascript 2600:9000:2182:5e00:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.2/main.js
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5e00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44c6910c80294593e72f96595127e5f4a410dcefc42f0d8e0f5384e5067a2416

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:03:32 GMT
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 10:00:43 GMT
server: AmazonS3
age: 527217
etag: "82a70c9e31d692ae6c81cf83b8355a2a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 18350
x-amz-cf-id: TjwOjF_ILg3Hu2pQVyUSjP6k__lpgYP0fDXhP-VwSjVoN14DAQiaPA==

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 47ms
32ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hits2mali.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 46ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hits2mali.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 16:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 175D 85 KB
26 KB 727ms
726ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce172391cc707f17271017d08a9b94b5b97a4283ebefd24fbde051101bb10177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 26156
x-xss-protection: 0
set-cookie: IDE=AHWqTUnuvMiBe8y8_xovrNQPbUi3CLvkIK9-MSnkRiB280Pw_p0w3nVisjjvKDFv7vE; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40DD 107 KB
35 KB 778ms
777ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1360c18140af57843cb8a75b17a07f7a305eaf78e499f79d4d742a4b9b8221e5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6rtqTcsu8CFatAHQkd1LMBmA&gqi=pItPYI34OKPgzAbNq7vADQ&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6rtqTcsu8CFatAHQkd1LMBmA&gqi=pItPYI34OKPgzAbNq7vADQ&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 35304
x-xss-protection: 0
set-cookie: IDE=AHWqTUl05VBl8ZPaNmjgMAbbqKGFoA3_1oRpeoNnt4GjJ09_65bfamIxcRcnzT_0izE; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AB5 107 KB
35 KB 357ms
355ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406dcc4d20986907c4a0cba626ded27b3eef246d340d469f4af7d71040a441b1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3stqTcsu8CFU8fGwodvIEG5Q&gqi=pItPYPi8OaiC2fcP952XcA&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3stqTcsu8CFU8fGwodvIEG5Q&gqi=pItPYPi8OaiC2fcP952XcA&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 35380
x-xss-protection: 0
set-cookie: IDE=AHWqTUl9eSSPACVhtWk7jZ0pPCXqf8FLPNk92_IycPy-uD_wYKmqGsATLsxfPLilWfs; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48A8 57 KB
12 KB 579ms
578ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e8a98fe952eee308ae971083df396d4031d067662aad81f62109f993a6cff2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 15 Mar 2021 16:30:29 GMT
server: cafe
content-length: 12548
x-xss-protection: 0
set-cookie: IDE=AHWqTUmJ0xWpASTeNIsdQxqchQRlxg9MVLfc-bYa9pwLzt4SAdmuWBnj3FneXLiHHQg; expires=Sat, 09-Apr-2022 16:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-88655266-1&cid=788412694.1615825829&jid=1971077065&gjid=674573729&_gid=51713389.1615825829&_u=IAhAAUAAAAAAAC~&z=1033883841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Mar 2021 16:30:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.hits2mali.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 31ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-88655266-1&cid=788412694.1615825829&jid=1971077065&_u=IAhAAUAAAAAAAC~&z=1849486582

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-88655266-1&cid=788412694.1615825829&jid=1971077065&_u=IAhAAUAAAAAAAC~&z=1849486582

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame FAB8 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:41:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame FAB8 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:57 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAB8 112 KB
34 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame FAB8 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:53:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 6F39 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:57 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F39 112 KB
34 KB 69ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 6F39 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:53:40 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F39 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAGmupItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEsQFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJtOd6-yuvp6gVKi-XamaXUWbfOABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAGyFxgKFhIUcHViLTIxNjYzMDUyNzY0MjI5OTc&sigh=g6NPFMjnlXE&tpd=AGWhJmtnfPhmvuBi0Oe9LpdT5Qtbln2N_fAi1PVj6_vMfiwtbQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame 0CF0 2 KB
2 KB 104ms
32ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=60&slotname=2028032198&adk=3294615308&adf=1761816237&pi=t.ma~as.2028032198&w=468&lmt=1615823566&tp=site_kit&psa=0&format=468x60&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828509&bpp=1&bdt=203&idt=254&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=368&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPHJ2FoUqi&p=https%3A//www.hits2mali.net&dtd=259
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: a5d3fc599e15b27ac983344f779dd4d39a4e41e8575ae24d7c546bd5b0372ab5

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Server: nginx/1.13.4
Date: Mon, 15 Mar 2021 16:30:29 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8; path=/; SameSite=None; secure; Expires=Tue, 15 Mar 2022 17:30:29 CET RTBUserId-Old=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8; path=/; secure; Expires=Tue, 15 Mar 2022 17:30:29 CET RTBUserId-Plain=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8; path=/; Expires=Tue, 15 Mar 2022 17:30:29 CET
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D07 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Mar 2021 16:59:40 GMT
expires: Mon, 15 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 84649
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/ Frame 5E6C 2 KB
2 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e91f88e994950c9deb8f29695ac34a7e45e7ab83c492e2b5fe5430325783b873

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 870
date: Sat, 13 Mar 2021 23:16:22 GMT
expires: Sun, 13 Mar 2022 23:16:22 GMT
last-modified: Thu, 18 Feb 2021 08:51:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 148447
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

B25368779.296294406;dc_pre=CKbuw6Tcsu8CFabuuwgdHNkD2Q;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame FAB8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CKbuw6Tcsu8CFabuuwgdHNkD2Q;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag...

42 B
515 B

116ms
74ms

Fetch
image/gif

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CKbuw6Tcsu8CFabuuwgdHNkD2Q;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CKbuw6Tcsu8CFabuuwgdHNkD2Q;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3725257605;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame FAB8 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIOiYpItPYP_RLo6HlgTPtZD4AZjBoeVhh-i2xOYNv-EeEAEgs4ftcGCViriCyAegAfS4v8UDyAEJqAMByAPIgIACqgS3AU_QKBebKYoXTgG1f690zeIvJz5qkOX63uo9_ZDLFdmHuOxBuId_m9kAerW8UhclKmEufqBGZc8lwGBmI1MlUHyku0Eh2cGz-YjQTz25U0yjca4Z803OQWTgeV17-aeGAQc_rY37vwDI8z3exGf8ESzLc9JuWCPYgdO58VsQVd3hFqCaAxQsCDFyoAVJqHB3T0Jy1BHAvM8Z4p2n-VMSPYM76zMqHcK8xDM2LI6rLEOpTxLnY-Ix28AE37GGs7QDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-yhqKYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJ3XA9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yMTY2MzA1Mjc2NDIyOTk3&sigh=b9qZnuOxhV0&template_id=419&tpd=AGWhJmvGzydFz_mOmZNPrjZOHtM36Fc3duLf97jKaQAXRr9URA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A602 143 B
220 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn139ek6vGAw53q9zSknpwZ7oPk8_4dqVJEkvbvi2TBKAsrDh4bsfWN833obds
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=90&slotname=2480428536&adk=3466934027&adf=3899349527&pi=t.ma~as.2480428536&w=728&lmt=1615823566&tp=site_kit&psa=0&format=728x90&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&wgl=1&dt=1615825828481&bpp=3&bdt=175&idt=258&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6g7mSVCRNe&p=https%3A//www.hits2mali.net&dtd=264

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Mar 2021 15:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2945
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame FAB8 0
111 B 39ms
39ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-zq6Tcsu8CFY6DhQodzxoEHw&gqi=pItPYPyHLoa2-wbI3a2AAQ&layout=/sadbundle/%24csp%253Der3%24/3120411795171369841/728x90/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5E6C 9 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5E6C 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/ Frame 5E6C 140 KB
39 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 280885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40127
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:11 GMT
server: sffe
date: Fri, 12 Mar 2021 10:29:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 10:29:04 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3D07 35 B
463 B 32ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBPXw0fmSTjOs9NjkpJu-x4&google_cver=1&google_push=AQvitUKP2iIjAiVXyhuHdRkp0CbGF6IQ9AJGq3UopJKN_i71-an5TBzEumq07I7Pyrn7iwwGeZGgNmpCrv_8LSbj-FeDHBKBVLBPWQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5A...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVATHBRQUFCQkI4VWhkMQ&google_push=AQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5Ay-v-ix_WGLGFtI_HHCVxwaDmkMYZr2yLU_ETiRui2s7d3OMch93fKXCjD

170 B
190 B

43ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVATHBRQUFCQkI4VWhkMQ&google_push=AQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5Ay-v-ix_WGLGFtI_HHCVxwaDmkMYZr2yLU_ETiRui2s7d3OMch93fKXCjD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVATHBRQUFCQkI4VWhkMQ&google_push=AQvitUI8mkpfnjjgGfVIXZ63bGz7gy9iFwMQf2zpG5Ay-v-ix_WGLGFtI_HHCVxwaDmkMYZr2yLU_ETiRui2s7d3OMch93fKXCjD
Date: Mon, 15 Mar 2021 16:30:29 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHjSV9fENw7SxuoZwEBq0gU&google_cver=1&google_push=AQvitULombakAXmJn01KIKzIXXPaC4VulQ9tuQgl3gjnMtq_irlf7ug7cq7SABPGbS8SlTRGt9muHsNZ_DfnAnaylOHZ0n4FNduWsg
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VIalNWOWZFTnc3U3h1b1p3RUJxMGdV

170 B
484 B

99ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VIalNWOWZFTnc3U3h1b1p3RUJxMGdV

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VIalNWOWZFTnc3U3h1b1p3RUJxMGdV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFAv9klbaqqxzF7E3EYWSW0&google_cver=1&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q
https://rtb.openx.net/sync/dds?google_gid=CAESEFAv9klbaqqxzF7E3EYWSW0&google_cver=1&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q&google_hm=OdHUmRv1znIrbzB0EktYrA==

170 B
190 B

42ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q&google_hm=OdHUmRv1znIrbzB0EktYrA==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:28 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULJMIb9NRqYFrGM-9_MBuZ1R9L2Up5xg0ww_mP-TMaV8U4M7VDFMv5CKhvdZQZk7FwAHMjm6G593DosbERA_wkkSZLKakkU3Q&google_hm=OdHUmRv1znIrbzB0EktYrA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: t5tpgajbfjair3psdijldjuclvjd2nj4

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

45ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIjx1RIqj7DRPC0xVzDG9uU9IQpVPTjGRoWBraIodt89BNMhRH_ouOXx6J9VAUpp0wjRVzBub0hHjscbqnq4JhrsNTol1EioQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIjx1RIqj7DRPC0xVzDG9uU9IQpVPTjGRoWBraIodt89BNMhRH_ouOXx6J9VAUpp0wjRVzBub0hHjscbqnq4JhrsNTol1EioQ
Date: Mon, 15 Mar 2021 16:30:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBXyteUi2spqaFUzO8WlDTo&google_cver=1&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1o5ODQtUS1BUVda&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k0Di1VluLnOal_vyizPuRqA2OLjg

170 B
190 B

100ms
57ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1o5ODQtUS1BUVda&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k0Di1VluLnOal_vyizPuRqA2OLjg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1o5ODQtUS1BUVda&google_push=AQvitUJsGKb12_oZspNkZ88VRp43Z5ernJ1hr1FCPv3iCNLPLGk43CoWC5QXKUElQStiPNv2d0k0Di1VluLnOal_vyizPuRqA2OLjg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 3D07
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD...

170 B
190 B

42ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD_tsNyjkKGMiA&google_cver=1&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUKmQAxLQy9k0XE6mqHUvVQ8HeeZfEk_qTUOmgNY5HJx5LELhOh2Mb5aHmaBBeQe7x0nK_2VhPK7L8pNVVecZD_tsNyjkKGMiA&google_cver=1&google_gid=CAESEMMiSgxiaBuIRrWjvnBYNmk
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D07 0
227 B 128ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IaGG9lHyWfhFsOnqIECHBPGC6kPmQUZ1t6qgh_No20BYw1347ws3j9kbDx5Ey__nw5HGLe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A602
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

38ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn139ek6vGAw53q9zSknpwZ7oPk8_4dqVJEkvbvi2TBKAsrDh4bsfWN833obds
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 15-Mar-2021 17:30:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6F39 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 368ecffadfb880326385c05d90dc169f4901f3e6494ee3945e6aa30d36b4c7b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/ Frame 5E6C 182 KB
21 KB 35ms
21ms XHR
application/json 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3120411795171369841/728x90/lottie_light.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd472e3bbd68f2babe5d5c95bea791b576e3cb6f55c85078137c60124cb06543

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 518766
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19828
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:11 GMT
server: sffe
date: Tue, 09 Mar 2021 16:24:23 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 16:24:23 GMT

GET
DATA 200
OK truncated
/ Frame FAB8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f88bdec59ea045048a55bcd6f588e0418338687a0a7b8ec8a52efb4d74afa4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 0CF0 3 KB
4 KB 96ms
32ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E6C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 1 KB
975 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef57fce5723a0297044d4fb8504daddf994d540b5e5f1a2f501f6aa289878a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8419619511327893301/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 611
date: Wed, 10 Mar 2021 14:38:45 GMT
expires: Thu, 10 Mar 2022 14:38:45 GMT
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 438704
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F6F8 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeJ3LpItPYL2KOs--bLyDmqgOuMv12WHQ17er1A2L_PTrzSIQASCzh-1wYJWKuILIB6AB7__f4QLIAQmpAlqpvjoZX7c-qAMByANIqgS8AU_Q4oBRgCw6SLtqAV5862w6vuxJWoZZ2k0aQYg_WcJ-rw7ReJedIT41qVAC3j-kRrgbgF7qwwM6gHJ18bhRp7rgvxpz3ciDisWjce65EpfvHZKsadrSSp0iL4eh80Fgi0nlQ6SbzBl4zlsRgyCPSZJu0L1H5JGMzXnbXwBXrRV340HOytCLrVc5XBD5TLBYIlRaN2r_mlaRTw_ZAsd-m0iupdss2ix_Bu3Co6rbIasBO04evA80FGTjbz0twAT-79TAtAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-f-fngGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9q4U0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTIxNjYzMDUyNzY0MjI5OTc&sigh=ufKYnq4me94&template_id=419&tpd=AGWhJmsYc2VRtHcTAI78jrWhzJpOlKFNtLNo4tATwsIfyaPSqw

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame F6F8 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:36 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame F6F8 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:52:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6F8 112 KB
34 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame F6F8 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 16:24:17 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F6F8 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnDGhmEqNf0a_H-mUq1OUnTjLY185KQyh9FiUT01B4xKs7MgLxmsb2usBJN-00ceNG4356HEQK-3ycIZBCFfFGHoSxMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/ Frame AC8B 11 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

569adc885c3ef6244c43dc4c4f107c5477402a47c12fb68d1caa3e6dafe4b041

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12657435737818723370/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3274
date: Thu, 11 Mar 2021 09:43:57 GMT
expires: Fri, 11 Mar 2022 09:43:57 GMT
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 369992
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 518E 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpyNwpItPYMfUMJSTlgS02ovwA7ngwNJhgbPpjK8NrgIQASCzh-1wYJWKuILIB6AB0Maj4QPIAQmpAiLReUlCbn8-qAMByANIqgS2AU_Q1tXuy4HLzfnyC_clNslOVeD9E0Yyjo39gxq3OI9OhkjgsSgwOsGyCK1fdfqRbdNhsN9ZRr_kHoQbBWzRyo2unK6wUZx3e9dY_N_ADBdahg1b0ZF5vTXnIkR8NXy7SJ6kK4VHw2HicDZ5I6JXxsMTC10grmJ0Y2XjsSFy7sV6ed31Fr9-iGFWiuvECOhspxGr5KwMDwH8GdMURtqksSmTRoCSuSfc9431dY-PIeYicKj2BuZCwATfl-DQmQKSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDJ5CLSCAkIgOGAEBABGB-ACgHICwHYEwyYFgGyFxoKGAgAEhRwdWItMjE2NjMwNTI3NjQyMjk5Nw&sigh=UtF1-wFm624&template_id=419&tpd=AGWhJmt5t9yk1gdOyWIzErHjii8V4vYBeamMV5XNcQyxtgsU5g

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 518E 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:36 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 518E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:52:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 518E 112 KB
34 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 518E 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 16:24:17 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 54D9 143 B
220 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmJ0xWpASTeNIsdQxqchQRlxg9MVLfc-bYa9pwLzt4SAdmuWBnj3FneXLiHHQg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=4065040184&pi=t.aa~a.2381864193~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=2&bdt=595&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100&nras=4&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=cBhtqnQAAL&p=https%3A//www.hits2mali.net&dtd=27

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Mar 2021 15:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2945
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 662D 143 B
165 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmJ0xWpASTeNIsdQxqchQRlxg9MVLfc-bYa9pwLzt4SAdmuWBnj3FneXLiHHQg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&slotname=3837896442&adk=1853870413&adf=593623235&pi=t.ma~as.3837896442&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615825828554&bpp=3&bdt=248&idt=220&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LAhUG1Nlma&p=https%3A//www.hits2mali.net&dtd=223

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Mar 2021 15:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2945
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rnql7dv15846 Show response
ad.ad-srv.net/zone/ Frame 0CF0 10 KB
3 KB 112ms
36ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/rnql7dv15846?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 618804f68357f8974fbe1df2998b9893e2dcbe79e3d3646e09f019923c5d8d69

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3362
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F6F8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58cbd5ac0aaa3dcf33d6ca41cfd1421bd2d906820d1bccffd3f928291f4b19b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 518E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d93ac6e21973cbe29b3f35409177b52e38444a80d9a3526a807552be987837b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame F6F8 0
23 B 39ms
39ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3stqTcsu8CFU8fGwodvIEG5Q&gqi=pItPYPi8OaiC2fcP952XcA&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 518E 0
23 B 40ms
40ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMe2raTcsu8CFZSJhQodNO0CPg&gqi=pItPYPf-L7GA2fcPh4WYeA&layout=/sadbundle/%24csp%253Der3%24/12657435737818723370/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 53C8 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 53C8 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css2
fonts.googleapis.com/ Frame 53C8 1 KB
894 B 44ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:17:28 GMT
server: ESF
date: Mon, 15 Mar 2021 16:30:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 styles.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 2 KB
1 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81380199260edb5931b1ac07be1c82e8cf84a4fb6b0260053f5c3eed072d8ba5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 488549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 00:48:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 00:48:00 GMT

GET
H2 200 gsap_3.1.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 53C8 56 KB
23 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22938
x-xss-protection: 0
last-modified: Fri, 24 Jan 2020 21:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 img_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 1 KB
1 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/img_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5aeeb7785c228b8b8aed2b730fa14522162315aa1d80cd7bad581f7657b1a48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 491033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 00:06:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 00:06:36 GMT

GET
H3-Q050 200 script.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 23 KB
9 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/script.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c816749de6597d50e03fd8f01e9d55c9ce6e701bc2f8277d5194007d6e4bc01e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 527248
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7725
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Tue, 09 Mar 2021 14:03:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 14:03:01 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AC8B 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AC8B 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/ Frame AC8B 69 KB
19 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 391684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Thu, 11 Mar 2021 03:42:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 03:42:25 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame B0E2 185 KB
53 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Sun, 14 Mar 2021 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:30:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B0E2 12 KB
5 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Sun, 14 Mar 2021 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:30:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B0E2 87 KB
27 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Sun, 14 Mar 2021 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:30:33 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B0E2 70 KB
16 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281058
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16397
x-xss-protection: 0
server: sffe
date: Fri, 12 Mar 2021 10:26:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2ccf127281514232"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 10:26:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B0E2 3 KB
1 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Sun, 14 Mar 2021 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:30:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B0E2 40 KB
13 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Sun, 14 Mar 2021 15:30:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:30:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B0E2 3 KB
564 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700,600

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50ae8c1c46efcb45faec29e700ee3c2ee9b709308d752e1e3992664a4d4b3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:35:58 GMT
server: ESF
date: Mon, 15 Mar 2021 16:30:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
DATA 200
OK truncated
/ Frame B0E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7be9c729aa35a673d4327391b4ec1e3cdebe1cf94677679c3aff01d738191bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B0E2 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
age: 45219
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Tue, 16 Mar 2021 03:56:50 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B0E2 295 B
505 B 8ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 61538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Mar 2021 23:24:51 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B0E2 0
0 16ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQifts7rV_j4i1fiKYyN8aT_sfA6PuIq3vr99sB9K6snTK7VD85iiIGRPZEjJpGDEuYioljMXXQIUkjNeUOoAakoWU_TQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0E2 0
232 B 43ms
41ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbPN3pItPYO-tO47vbvSGipgEl568qlv35K2Mhg3h3Y-jjBkQASCzh-1wYJWKuILIB6AB77z00gPIAQmpAlIC0pSIH4U-qAMByAMIqgS6AU_Q7A9PiOCdXCOG665NVpy8h6gtxeCntp3T1HhfHsFxuBD_492wsV0sT1p4H9QENvVZumvc4O_E-jKf93dK31tYeRpwR-8oRGzhRry6Vn1BFX0kdMimfWbdLSOlu3lBaI5t9WPDhV_6Qbx5pyEUuCroVFbGZyaPJi9cXN3bDnS_B5NbTsssBU6e76K07-dpqRD7430vx3L3gczDMW3T8pgOXtbUyREIERDnR3EpiVm0ArfHQ21sKgjDisAEuuPivtwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_nCiy2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ39ML0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTIxNjYzMDUyNzY0MjI5OTc&sigh=Nsb6bhD9YQ0&template_id=419&tpd=AGWhJmvk_f7udmi6kJpcdIAHcHZ6u1gxD68U975f6kzyn_SQhA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adf84f01b70a102ae69aa34225526e98.jpg
tpc.googlesyndication.com/sadbundle/1533600109594279543/media/ Frame B0E2 17 KB
17 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1533600109594279543/media/adf84f01b70a102ae69aa34225526e98.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8eb772e9d83d05539b17cc5ca79fb1ee7c331f1e6741a2460555b70f6c19d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 01:45:29 GMT
x-content-type-options: nosniff
age: 398700
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17642
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 01:45:29 GMT

GET
H3-Q050 200 65079f5f9bd08f675542bcfb596b0cb1.png
tpc.googlesyndication.com/sadbundle/1533600109594279543/media/ Frame B0E2 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1533600109594279543/media/65079f5f9bd08f675542bcfb596b0cb1.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69608a9461ed86cee5a354339af36c7b6b3748d2fd426f8b5f9870501634480b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 07:05:33 GMT
x-content-type-options: nosniff
age: 379496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2619
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 07:05:33 GMT

GET
H/1.1

200
OK

request.php Show response
ad13.ad-srv.net/ Frame 0CF0
Redirect Chain

https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x6...
https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x6...

597 B
917 B

135ms
60ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=1332377411695&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 8f36a5a22d5c73e8b2c6f1d780296ffb19a169ca4cd7a0254705001e7e82ba24

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 69148500153115300906801011534013
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 320
Expires: Mon, 15 Mar 2021 16:30:30 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:29 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=1332377411695&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 15 Mar 2021 16:30:29 +0100

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 175D 2 KB
553 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 15:58:41 GMT
server: ESF
date: Mon, 15 Mar 2021 16:30:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ Frame B0E2 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:26:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 597819
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:26:50 GMT

GET
H3-Q050 200 7c9238132acc3501dec94b8706ed02bb.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 21 KB
21 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/7c9238132acc3501dec94b8706ed02bb.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df480865ef8a7c05d4c027f411316b42d88d8b2bfca6b98ef69d526b9933a11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 527771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21031
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Tue, 09 Mar 2021 13:54:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 13:54:18 GMT

GET
H3-Q050 200 14179ad911314116ada58e9d7095233e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/14179ad911314116ada58e9d7095233e.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66b45568fef2ad5b4bf571ad8abf7c30ae5145db9cb2c6d077d8bbf514f0734c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 496213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2771
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Tue, 09 Mar 2021 22:40:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 22:40:16 GMT

GET
H3-Q050 200 1d38648e5c2ca441ecf9aaf50ad09927.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 9 KB
3 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/1d38648e5c2ca441ecf9aaf50ad09927.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbdd83b771f50330d3b8b99ecc5d3e418abb6947718d1260f1dea666bc60cef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 382101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2098
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Thu, 11 Mar 2021 06:22:08 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 06:22:08 GMT

GET
H3-Q050 200 fc9f3426038acaf80eeed1d75f6c9a3b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 28 KB
28 KB 13ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/fc9f3426038acaf80eeed1d75f6c9a3b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac3537cdc9bc4b6dcd500b0161c2a585f0fc9b634f7b1db6f7873702858df88

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 349157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Thu, 11 Mar 2021 15:31:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 15:31:12 GMT

GET
H3-Q050 200 c561af94e35f155e6972954b80d23d7f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 7 KB
8 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/c561af94e35f155e6972954b80d23d7f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 496911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7576
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Tue, 09 Mar 2021 22:28:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 22:28:38 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 175D 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:45:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 175D 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:36 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 175D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:52:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 175D 112 KB
34 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 175D 13 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 16:24:17 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 175D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT16HL5s4L7YOq0QXi9TvbWN12Isc4EfV1O_tegP-BGlZQKCmbhe6tvFJ7Yk-IwK7aOKDlLOCyGbxhmLXkJGZMbJvbAFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 175D 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 03:08:06 GMT
server: sffe
age: 414802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:17:07 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 175D 18 KB
18 KB 33ms
6ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSF4gXiIj0BYdIK6PBH0DYSSl2Jia_mz8A4DMnW1Z8Ek_b0SGg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10122761ccc1faf27b6a2b4115abd18bdf61c146de1f2a5fbeff0e6dcc438c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:37:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 16:46:08 GMT
server: sffe
age: 330765
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18297
x-xss-protection: 0
expires: Fri, 11 Mar 2022 20:37:44 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 175D 18 KB
19 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZz87YxAL3hFfuzYZk7FFlHkocY2J54LuBA_BCKmhTSgTNFrM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98abea58658ab3f76b329fe8623e1d6e5292fbe35c598192f072721b2714a33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 05:20:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 16:52:59 GMT
server: sffe
age: 385806
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18728
x-xss-protection: 0
expires: Fri, 11 Mar 2022 05:20:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 175D 19 KB
19 KB 37ms
11ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSZln5fg1g7SJmrYqEdJGKzAJxbBaFoWPGqDqtZaw9PfeQ0aezvDjOz8Yvxr84&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b2eb0b2e93464ba9b7547701ad6b9a04fb9caf66d388dfef47231c1ea77c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 15:09:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2020 08:13:15 GMT
server: sffe
age: 264081
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19535
x-xss-protection: 0
expires: Sat, 12 Mar 2022 15:09:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 175D 27 KB
27 KB 37ms
12ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRBHTbKtwvOOO36PE6Rktmn46udmjqJ9ZIuTgYzUhxt4jQs2PYQxnn5kv1x5A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df8cfd2d6222ccc7f36ed7f13e5ea9083f5b0a395dd638f4e6b46d49d2ecf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:34:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2020 08:31:30 GMT
server: sffe
age: 392175
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27854
x-xss-protection: 0
expires: Fri, 11 Mar 2022 03:34:14 GMT

GET
H3-Q050

200

1983956361488939258
tpc.googlesyndication.com/simgad/ Frame 175D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn1rumqgEQgAQYgAQyCKpaVzU2OX36
https://tpc.googlesyndication.com/simgad/1983956361488939258

7 KB
8 KB

7ms
6ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1983956361488939258

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b80651827613a299861af1e6b4252457c1174368dfeac94af759e429568cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 22:21:05 GMT
x-content-type-options: nosniff
age: 497364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7470
x-xss-protection: 0
last-modified: Tue, 07 Apr 2020 13:25:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 22:21:05 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 12:26:33 GMT
x-content-type-options: nosniff
server: cafe
age: 14636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1983956361488939258
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:26:33 GMT

GET
H3-Q050 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 13 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/cta.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8841d0950d19fbaa864bcbc03931b0bb6337b578f2df9a809267eaefc3b8c59c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 468265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3090
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 06:26:04 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 06:26:04 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 53C8 11 KB
5 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea3d8946d5dc15be52ab94d0b6b504d46d2e849f95f5b0de1d2da45e60d1378b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 27488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3800
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Mon, 15 Mar 2021 08:52:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:52:21 GMT

GET
H3-Q050 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 53C8 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 413282
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20676
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:27 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 175D 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPnC1pItPYM_OOYyjlgSt2ovwA5aVldVhz8X6q6QN_4ihnY0kEAEgs4ftcGCViriCyAegAY_Hhe4DyAEJqQJo22BQCQS0PqgDAcgDywSqBLYBT9CQIahp6znsjcfj7iKf1whmoIxTLGxpTLFKpTr25G9AVi8IIxpQVOjVeFLh5rS6SugmYyr20ig5qwF6L3m7ex6AsuZrz3ovvsDA_ZqcPThil0IppSODqG4J8NmxFoDZEfVK5LBEUxlxl4NWaYqM40c_pieLEeqsYG4jyCngEv0vpI2btEvdGA_lWZh19PNAomKtapBRwobEKirxX7DLZ-wTO-_2sc7aSD6Oh1MK7mGfcHFGkVfABJLpz42_A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfM2PAfqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDd7A3SCAkIgOGAEBABGB-ACgHICwHYEwuIFAGyFxoKGAgAEhRwdWItMjE2NjMwNTI3NjQyMjk5Nw&sigh=lXA-H6wz-z8&template_id=494&tpd=AGWhJmsr9GbPDdNiiH8Wnc9cXUErwNmg6-chhXMswIpDAMT6rA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=280&adk=4259213273&adf=1963878168&pi=t.aa~a.2381849747~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x280&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=3&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280&nras=2&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5pTZUWhX8u&p=https%3A//www.hits2mali.net&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 54D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

39ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUl05VBl8ZPaNmjgMAbbqKGFoA3_1oRpeoNnt4GjJ09_65bfamIxcRcnzT_0izE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 15-Mar-2021 17:30:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 662D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUl05VBl8ZPaNmjgMAbbqKGFoA3_1oRpeoNnt4GjJ09_65bfamIxcRcnzT_0izE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 15-Mar-2021 17:30:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 a68b7fadfb4da95f230d3f433e82c811.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/ Frame AC8B 4 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/media/a68b7fadfb4da95f230d3f433e82c811.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12657435737818723370/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12190d85f4a5680fa50cbecd63338f26c51dca175c17ceb654079a0093d731d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 91355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:29 GMT
server: sffe
date: Sun, 14 Mar 2021 15:07:54 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Mar 2022 15:07:54 GMT

GET
H3-Q050 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012101070013000/ 20 KB
8 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-host-v0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 406037
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7295
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 23:43:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6fcef8ec3898355"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 23:43:13 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F339 1 KB
755 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Mar 2021 16:59:40 GMT
expires: Mon, 15 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 84650
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 175D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cace7f665bd3f6095087cea9f092f1f269f3f13b60c06da8bfb2513d9c0701b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 1 KB
726 B 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef57fce5723a0297044d4fb8504daddf994d540b5e5f1a2f501f6aa289878a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8419619511327893301/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 611
date: Wed, 10 Mar 2021 14:38:45 GMT
expires: Thu, 10 Mar 2022 14:38:45 GMT
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 438705
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame C768 0
0 50ms
44ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtzZHpItPYK7JOauB9fgP1OeGwAm4y_XZYdDXt6vUDYv89OvNIhABILOH7XBglYq4gsgHoAHv_9_hAsgBCakCWqm-Ohlftz6oAwHIA0iqBL4BT9Cl-A6lidN5nU8wjF1mrylKPrCToKrhLnsCTFq-71lpQmnq17Ei-Ov6i2TVNSjRbPHk1KzdO8KFDhQ1ucQFhVGemwdC4LRuQGYr-lCa5f5IC1UE346MlGUUqABPDohoGi2kOAfHo7n7ixYdBBweLmy4tTuRODbnGpIdfkx3c5G6v9ERHdB1ptf9YAvH2YEornmeQ5bJvKtajGkUzEciO1QrT_W3DjR-ke_ehCV5PSHF7yEom6-kcL0LVw5RDMAE_u_UwLQDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_n_n54BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJXGAdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yMTY2MzA1Mjc2NDIyOTk3&sigh=UMX-qgUHQbc&template_id=419&tpd=AGWhJms_q1BDTMWitOI1KjkS07ximfwlNqqMS2IPD7rSE8blKQ

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Mar 2021 16:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame C768 17 KB
7 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:51:36 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame C768 2 KB
1 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 15:52:46 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C768 112 KB
34 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:30 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame C768 13 KB
6 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Mar 2021 16:24:17 GMT

GET
H3-Q050 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B0E2 3 KB
3 KB 12ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 03:56:50 GMT
x-content-type-options: nosniff
server: cafe
age: 45220
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
expires: Tue, 16 Mar 2021 03:56:50 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B0E2 295 B
406 B 11ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 61539
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 15 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 adf84f01b70a102ae69aa34225526e98.jpg
tpc.googlesyndication.com/sadbundle/1533600109594279543/media/ Frame B0E2 17 KB
17 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1533600109594279543/media/adf84f01b70a102ae69aa34225526e98.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8eb772e9d83d05539b17cc5ca79fb1ee7c331f1e6741a2460555b70f6c19d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 01:45:29 GMT
x-content-type-options: nosniff
age: 398701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17642
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 01:45:29 GMT

GET
H3-Q050 200 65079f5f9bd08f675542bcfb596b0cb1.png
tpc.googlesyndication.com/sadbundle/1533600109594279543/media/ Frame B0E2 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1533600109594279543/media/65079f5f9bd08f675542bcfb596b0cb1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69608a9461ed86cee5a354339af36c7b6b3748d2fd426f8b5f9870501634480b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 07:05:33 GMT
x-content-type-options: nosniff
age: 379497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2619
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 13:04:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 07:05:33 GMT

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 175D 20 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 334144
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:26 GMT

GET
H/1.1 200
OK request_content.php Show response
ad13.ad-srv.net/ Frame 0F44 5 KB
2 KB 107ms
36ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request.php?zone=rnql7dv15846&nw=14&renderingType=javascript&namespace=f1693882be&subid=&uid=0ce153df675407aa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D87552146%2526a%253D120424%2526t%253D1615825829135%2526l%253D573473%2526p%253D3%2526appid%253D%2526aa%253D604f8ba4-000c-fa8a-0a1b-ba0c79045791%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=1332377411695&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: fdb9deb45a77940818b7c6955b6926be5d8d39e85354a66d69b9c9a433d197c2

Request headers

Host: ad13.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://brain.rvty.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=af4bbebf6d17d631
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Mar 2021 16:30:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1980
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 250C 91 KB
91 KB 46ms
45ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7F8 143 B
169 B 9ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUl05VBl8ZPaNmjgMAbbqKGFoA3_1oRpeoNnt4GjJ09_65bfamIxcRcnzT_0izE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 15 Mar 2021 15:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2946
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C768 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26c41538ebd9f39a6c2bd9b8e4860a9ac3d0e791c611e9e509a39bb3b249a07f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C768 0
46 B 39ms
39ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6rtqTcsu8CFatAHQkd1LMBmA&gqi=pItPYI34OKPgzAbNq7vADQ&layout=/sadbundle/%24csp%253Der3%24/8419619511327893301/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAB8 42 B
66 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqNQ4aQrQVVdM-DJw_13sGBsEy9rZsy1LyET34kcwk8fIrcO1bfeu6eaTE5bYhINW9KddQrgLblyTJCtlcJr2__J67zgOiBKl9o39ebj1ECWWU_0X6NtIO4t_bfQ&sai=AMfl-YTyilFvRl4rzXCh_PPLkPtdsnSEJz1KAsSNUAiNh6GEmjh1L53ebm1KI3PATZrA6-axs3s-T2c1z1xp78uozP3WWU3Pkmo0SI8&sig=Cg0ArKJSzDkadjBohKmGEAE&cid=CAASF-Ro0cw-KFLmLFZY1e2R03sNTc7xzZMR&id=osdim&mcvt=1076&p=30,436,120,1164&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3466934027&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615825828747&dlt=272&rpt=51&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F39 42 B
69 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9YXizceKpDhc4Q7gDde55ygTKQGPn-5fTw1m52pdRxmbiu676bpeX77RVx5c4zERSU-Q_SLXJxBYztepNNh2cU6f4yjaT&sig=Cg0ArKJSzGJGRg1RsgSIEAE&cid=CAASF-RoSBO1nSHVTSXoFlt-eB9gDCVcPq-z&id=osdim&mcvt=1079&p=346,368,406,836&mtos=1079,1079,1079,1079,1079&tos=1079,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3294615308&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&rst=1615825828769&dlt=255&rpt=37&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 53C8 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame AC8B 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6760 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6760 22 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css2
fonts.googleapis.com/ Frame 6760 1 KB
524 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:27:23 GMT
server: ESF
date: Mon, 15 Mar 2021 16:30:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 16:30:30 GMT

GET
H3-Q050 200 styles.min.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 2 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81380199260edb5931b1ac07be1c82e8cf84a4fb6b0260053f5c3eed072d8ba5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 488550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 00:48:00 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 00:48:00 GMT

GET
H3-Q050 200 gsap_3.1.0_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6760 56 KB
23 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22938
x-xss-protection: 0
last-modified: Fri, 24 Jan 2020 21:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 16:30:30 GMT

GET
H3-Q050 200 img_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 1 KB
1 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/img_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5aeeb7785c228b8b8aed2b730fa14522162315aa1d80cd7bad581f7657b1a48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 491034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 00:06:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 00:06:36 GMT

GET
H3-Q050 200 script.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 23 KB
8 KB 13ms
12ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/script.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c816749de6597d50e03fd8f01e9d55c9ce6e701bc2f8277d5194007d6e4bc01e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 527249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7725
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Tue, 09 Mar 2021 14:03:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 14:03:01 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 34ms
33ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBp9D1EDPZilztYCmAg_FAY&google_cver=1&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQ...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQVlFrD7c7rFp65W3W9DVYvD2Z46psph3Iu7dyed72MghA&google_hm=w_5K...

170 B
190 B

43ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQVlFrD7c7rFp65W3W9DVYvD2Z46psph3Iu7dyed72MghA&google_hm=w_5KBdfpTbn_lG1Fw7vlyw

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIFpnBPysmJL6RFJxEGE62WWgVzHqIxJtdsw0xH8nSOIvwXVxgJnQVlFrD7c7rFp65W3W9DVYvD2Z46psph3Iu7dyed72MghA&google_hm=w_5KBdfpTbn_lG1Fw7vlyw
pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIRbX56...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIRbX56...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTti...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTti...

170 B
213 B

43ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA&google_tc=

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTUxNjMwMzEyMzQ4MTgzNjAyNDYyNg%3D%3D&google_push=AQvitUIRbX56XoS6Bldj50Tlry86i17JcBBYmQsq9u08ES_xClFG2TPNFiQJGFZPdysTtiBi5ML93sOEAz75Sb6elx-PSR0nEjnDTA&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 449
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAjBZAO2S5Rb8mnwBEmRuvQ&google_cver=1&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc&google_hm=OdHUmRv1znIrbzB0EktYrA==

170 B
190 B

47ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc&google_hm=OdHUmRv1znIrbzB0EktYrA==

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKumRwj03zwVoUxETG-gRy8RyFYNlZcMLyUZZ83SztZgyVaGKHpn6GzogWBz6yCU0-HUi_LNzGhyHXJ1yEvFVtr_0ufeLGc&google_hm=OdHUmRv1znIrbzB0EktYrA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tto5adabifpgnuvdehk57e9ud2nnv75t

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI9PBkaPrMh69EOz6q_PDx-bcCAZ8xfRUsxYTMcfFZh0gqu0dM0Gb966c3kiL6VlE-KWuG6Z713ukSSGDC5rJuMQnE1iqJJ

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wbMBDdmAS5626F0rJdLRyQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI9PBkaPrMh69EOz6q_PDx-bcCAZ8xfRUsxYTMcfFZh0gqu0dM0Gb966c3kiL6VlE-KWuG6Z713ukSSGDC5rJuMQnE1iqJJ
Date: Mon, 15 Mar 2021 16:30:30 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGXeF4lkn_TLLkAVRK-t-js&google_cver=1&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1pBNDgtMVktNzA1Sg==&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINVNkpquebQ9ZpTNaZtTt7OFgOV1

170 B
190 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1pBNDgtMVktNzA1Sg==&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINVNkpquebQ9ZpTNaZtTt7OFgOV1

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01BU1pBNDgtMVktNzA1Sg==&google_push=AQvitUIO6Fgwkc0GIEq6Q5KjnPCH4YTUd5XF98h039_2fmi-52SzmY1-8-UdFYCGq62tIZkCINVNkpquebQ9ZpTNaZtTt7OFgOV1
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECS4W3E7ecUscZ7nHMmikD4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUJmtGY2qeCvfdNtwPAhK9Fo7u7fBi8txU13nHGg39Y3cE2iy0ihsJPuAatdmg-tORF6EsOpdlVB_-Ppqxp4vq...

170 B
190 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUJmtGY2qeCvfdNtwPAhK9Fo7u7fBi8txU13nHGg39Y3cE2iy0ihsJPuAatdmg-tORF6EsOpdlVB_-Ppqxp4vq0lkxkT6NZp0g&google_gid=CAESECS4W3E7ecUscZ7nHMmikD4&google_cver=1

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YE-LpbwgTlTeGNMWb7yFkgAAASEAAAIB&google_push=AQvitUJmtGY2qeCvfdNtwPAhK9Fo7u7fBi8txU13nHGg39Y3cE2iy0ihsJPuAatdmg-tORF6EsOpdlVB_-Ppqxp4vq0lkxkT6NZp0g&google_gid=CAESECS4W3E7ecUscZ7nHMmikD4&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Mon, 15 Mar 2021 16:30:30 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F339
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENjA1f2HMxw8Ai-0yn1TJ0g&google_cver=1&google_push=AQvitUK-vJwO2itiy5NN0E_I...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK-vJwO2itiy5NN0E_Iqv7_h21D6qCyPAYvPMo4774PvrRKrLYvty-rCEeriHuXFAkVGbIUnq2PBz3xdZb9n8zcyvf4_l1nN7I&google_hm=

170 B
190 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK-vJwO2itiy5NN0E_Iqv7_h21D6qCyPAYvPMo4774PvrRKrLYvty-rCEeriHuXFAkVGbIUnq2PBz3xdZb9n8zcyvf4_l1nN7I&google_hm=

Requested by

Host: www.hits2mali.net
URL: https://www.hits2mali.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUK-vJwO2itiy5NN0E_Iqv7_h21D6qCyPAYvPMo4774PvrRKrLYvty-rCEeriHuXFAkVGbIUnq2PBz3xdZb9n8zcyvf4_l1nN7I&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 14 Mar 2021 16:30:30 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame F339 0
49 B 43ms
41ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbYWGEdjrEpuqBwf2WGjIsSUHDZWmxglx6YdfnwdCG9SwXsv5M-PR3iGHtIXwhOmM1fC0VJA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:30 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CD9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H/1.1 200
OK viewability Show response
ad13.ad-srv.net/ Frame 0F44 0
150 B 115ms
40ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.ad-srv.net/viewability?s=69148500153115300906801011534013&a=62ce7559&vb=m
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ydek2gceddvn Show response
ad.ad-srv.net/zone/ Frame 0F44 10 KB
3 KB 115ms
39ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/ydek2gceddvn?subid=69148500153115300906801011534013&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&redirectClick=https%3A%2F%2Fad13.ad-srv.net%2Fc%2Fpsie0k72zxnz2x2%3Ftprde%3D
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e74e965fd6a09097c5315726622c94cc8b17eeca97b8aa20020794a82b11826d

Request headers

Referer: https://ad13.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2743
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 13 KB
4 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/cta.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8841d0950d19fbaa864bcbc03931b0bb6337b578f2df9a809267eaefc3b8c59c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 468266
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3090
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Wed, 10 Mar 2021 06:26:04 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 06:26:04 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/ Frame 6760 11 KB
4 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea3d8946d5dc15be52ab94d0b6b504d46d2e849f95f5b0de1d2da45e60d1378b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8419619511327893301/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 27489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3800
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 11:04:37 GMT
server: sffe
date: Mon, 15 Mar 2021 08:52:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:52:21 GMT

GET
H3-Q050 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 6760 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 21:42:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 413283
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20676
x-xss-protection: 0
expires: Thu, 10 Mar 2022 21:42:27 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 518E 42 B
66 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkM-_TT465QddDlopq2sV9cmfpm6SDM3Mc6Q9SCGvzcgCVTzwr5qrflDZ8FLAtIyvAdOlnXcxDTf1CejGF6e0CV5vYRRf0Tk7lUpOSS7riM_hOCBlR78mvKCkPbg&sai=AMfl-YS_uyAxfnYJHlVMHaYbwSv5QIyoGsgqnh1bqWpMk9HFBYUDZaI6qqjtjRHeIkxjPgM-IFzVv-sxMDcxCx7zm_oqAdSDPzKel0c&sig=Cg0ArKJSzCGX_Cichh7OEAE&cid=CAASF-Rog1zL7YN7uxbnw313YiuWcnpH3Av4&id=osdim&mcvt=1018&p=434,1013,714,1349&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210312&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1853870413&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615825828779&dlt=617&rpt=29&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=100&adk=1535098980&adf=3212640173&pi=t.aa~a.2381848920~rp.3&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x100&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=-M&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280&nras=3&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=1823&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=OzUV31a34p&p=https%3A//www.hits2mali.net&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUl05VBl8ZPaNmjgMAbbqKGFoA3_1oRpeoNnt4GjJ09_65bfamIxcRcnzT_0izE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 15-Mar-2021 17:30:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 15 Mar 2021 16:30:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 15 Mar 2021 16:30:30 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request.php Show response
ad3.ad-srv.net/ Frame 0F44 2 KB
1 KB 141ms
63ms Script
application/x-javascript 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/request.php?zone=ydek2gceddvn&nw=14&renderingType=javascript&namespace=56cca4fc8c&subid=69148500153115300906801011534013&uid=b5d05dfd17d5da05&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fad13.ad-srv.net%2Fc%2Fpsie0k72zxnz2x2%3Ftprde%3D&documentReferer=https%3A%2F%2Fbrain.rvty.net%2F&ancestorOrigins=https%3A%2F%2Fbrain.rvty.net%2Chttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=3238495634138&isIframe=1&container=&adPos=0x30&adPosCheck=1x31&adtagId=0
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/zone/ydek2gceddvn?subid=69148500153115300906801011534013&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&redirectClick=https%3A%2F%2Fad13.ad-srv.net%2Fc%2Fpsie0k72zxnz2x2%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6bf23a892a8ba50ddd35d739704e1ffc1b377b56595e889e54aa31ba2dcd4a73

Request headers

Referer: https://ad13.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 16:30:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70685700198755200905267011534003
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 722
Expires: Mon, 15 Mar 2021 16:30:30 +0100

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 32ms
31ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 6760 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H/1.1 200
OK Cookie set cshow.php Show response
www.awin1.com/ Frame 349D 43 B
702 B 106ms
40ms Document
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519520&v=14098&q=368694&r=278235&pv=1&pref1=70685700198755200905267011534003

Requested by

Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request.php?zone=ydek2gceddvn&nw=14&renderingType=javascript&namespace=56cca4fc8c&subid=69148500153115300906801011534013&uid=b5d05dfd17d5da05&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fad13.ad-srv.net%2Fc%2Fpsie0k72zxnz2x2%3Ftprde%3D&documentReferer=https%3A%2F%2Fbrain.rvty.net%2F&ancestorOrigins=https%3A%2F%2Fbrain.rvty.net%2Chttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=3238495634138&isIframe=1&container=&adPos=0x30&adPosCheck=1x31&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.awin1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad13.ad-srv.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad13.ad-srv.net/

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Mon, 15 Mar 2021 16:30:30 GMT
Connection: keep-alive
Set-Cookie: awpv14098=278235|1615825830|c23e80b0-85ab-11eb-ac76-692d062bb2ef;domain=.awin1.com;path=/;expires=Monday, 22-Mar-2021 16:30:30 UTC;Secure;SameSite=None AWSESS=379074:2519520;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
ad3.ad-srv.net/ Frame 6DF3 5 KB
2 KB 119ms
44ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request.php?zone=ydek2gceddvn&nw=14&renderingType=javascript&namespace=56cca4fc8c&subid=69148500153115300906801011534013&uid=b5d05dfd17d5da05&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fad13.ad-srv.net%2Fc%2Fpsie0k72zxnz2x2%3Ftprde%3D&documentReferer=https%3A%2F%2Fbrain.rvty.net%2F&ancestorOrigins=https%3A%2F%2Fbrain.rvty.net%2Chttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.hits2mali.net&random=3238495634138&isIframe=1&container=&adPos=0x30&adPosCheck=1x31&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dd38e035f35b0bc7a694c70031b7bb94d2d869f6af781dd72f881209a0fe3b83

Request headers

Host: ad3.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad13.ad-srv.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=af4bbebf6d17d631
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad13.ad-srv.net/

Response headers

Date: Mon, 15 Mar 2021 16:30:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 15 Mar 2021 16:30:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1881
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0F44 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/oliro/tools/js/ Frame 0F44 851 B
1 KB 99ms
30ms Script
application/javascript 217.79.179.79
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.79.179.79 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: n079.navy.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://ad13.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Last-Modified: Sun, 01 Mar 2015 14:40:33 GMT
Server: nginx
ETag: "54f324e1-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame 0F44 3 KB
3 KB 97ms
30ms Image
image/png 217.79.179.79
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.79.179.79 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: n079.navy.fastwebserver.de
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer: https://ad13.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:54 GMT
Server: nginx
ETag: "57a48d52-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

GET
H2

200

KTS-Promo-468x60.png
media.kaspersky.com/de/affiliates/ Frame 6DF3
Redirect Chain

https://www.awin1.com/cshow.php?s=2519520&v=14098&q=368694&r=278235&pv=0&pref1=70685700198755200905267011534003
https://media.kaspersky.com/de/affiliates/KTS-Promo-468x60.png

30 KB
30 KB

278ms
148ms

Image
image/png

77.74.178.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/KTS-Promo-468x60.png

Requested by

Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.74.178.23 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

045c2febcc51a1c83b566c2838bae6df55b86bd11368a329c5ee5ed3733fcdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 18 Jan 2021 16:02:47 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "e111405db3edd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
x-server: msk1/FRA3
accept-ranges: bytes
content-length: 30679
date: Mon, 15 Mar 2021 16:30:30 GMT

Redirect headers

Date: Mon, 15 Mar 2021 16:30:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/KTS-Promo-468x60.png
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad3.ad-srv.net/ Frame 6DF3 0
150 B 106ms
37ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/viewability?s=70685700198755200905267011534003&a=0a5baab5&vb=m
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6DF3 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/oliro/tools/js/ Frame 6DF3 851 B
1 KB 97ms
29ms Script
application/javascript 217.79.179.79
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.79.179.79 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: n079.navy.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Last-Modified: Sun, 01 Mar 2015 14:40:33 GMT
Server: nginx
ETag: "54f324e1-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame 6DF3 3 KB
3 KB 97ms
31ms Image
image/png 217.79.179.79
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.79.179.79 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: n079.navy.fastwebserver.de
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:29 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:54 GMT
Server: nginx
ETag: "57a48d52-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 31ms
30ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:31 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
37ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcbed6d82feffcddeebad9c6f36e0130fafc98d74e6c4039bdf8bc680f0b100c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 16:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6571
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 15 Mar 2021 16:30:31 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F121 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hits2mali.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hits2mali.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 15 Mar 2021 16:29:06 GMT
expires: Tue, 15 Mar 2022 16:29:06 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 85
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame F121 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 93612
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H/1.1 200
OK viewability Show response
ad13.ad-srv.net/ Frame 0F44 0
150 B 108ms
35ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.ad-srv.net/viewability?s=69148500153115300906801011534013&a=62ce7559&vb=v
Requested by: Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad13.ad-srv.net/request_content.php?s=69148500153115300906801011534013&a=7ce6d18f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=3938057020784120&bg=!e3ileDvNAAUO7zDoDjsAKQB2-Dxa7ygbJk4raI3oys3ElwpgGU-0Z1OeDr8uNkrICAaumzHjo6jzAgAAAJRSAAAADWgBBwoAU-qha0xfa8sTF0D7gK3kGQ1VRKZRQ-aXTqvX_kKIRwbXC52ULTv2oML9H1hAN6flVGWKQqmc19WPl7l3bJ3q_lwD24_RYKVKaBhvv2gt6Qk-cjIRmQIFUXKWl4zOWLLgsrnRK5CZbmN9LmBERjRHv85VnOflxUKJmKxn531OmGlPOi5kusvYBxkyJiaWMA-FKvZ_2rnBw1OPcRVRuv8aqcfVWorkfR_R3HBp3vMkRWz0QIQQcJkStGqiJB4dvniz5YYkRsjtpF76oT0VDJKM7KZMujxC3HZ37ClAnnceGeVDeDzeLIyy9tX3P7-FQbdEij2COnJBvUIzWtxHZcBjfT0QNZdf7LuNXZruZ1X3OsSoozljNRdgN8Vwus8tn_KzCx1NoJmCA5RYrcR8_rFPy-D5o6QqdhR5Dv90Kht0QvuZTQo2m7HAaUX5kti9zgT643xOVhOWwcEXFteLQtpcVJR-riI_vljrG7npRN7QWonVeG-j8UKl8M5elq3UvjlIAmsqUwsKgNBGIiFZq8NWWEXyFEli7pZuplkdCthXPYkUy7P6WcVpBi6jX5HwlyMlD5DWkHAbi0g0UQQc0of5PEA2anpHXWGrAJQbXPmWsaTEKgRU1SzGysLjburP3ZGaegObwaVfE7E6SISHc8SmxzlM54Wy76xUjOF5sBKM8ITwpzfZ_REM6xgutpeizfuToQhXHG2Xi32N1k8hsUiHtyVHoO2itbayddcfDtunFFRU2LiVwYcR3KS9U860vX-yhE0f56FQborl3rp8dg05XoTUiE7kWcmxr0tilA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hits2mali.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 16:30:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 32ms
31ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:31 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad3.ad-srv.net/ Frame 6DF3 0
150 B 105ms
35ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/viewability?s=70685700198755200905267011534003&a=0a5baab5&vb=v
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad3.ad-srv.net/request_content.php?s=70685700198755200905267011534003&a=73a77638
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 16:30:32 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 88ms
87ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:32 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 70ms
69ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:32 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 303ms
302ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:33 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 104ms
103ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:33 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 97ms
97ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:34 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 364ms
364ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:35 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 41ms
41ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:37 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 32ms
32ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:40 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 250C 0
119 B 32ms
32ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=60&adWidth=468&adFormat=1&adslotId=&siteId=87552146&bannerId=120424&e=3&p=YE-LpAAMFIUKG2MCAAarcqIT-G_P2VxezSeR-Q&penc=&bp=84615&a=604f8ba4-000c-fa8a-0a1b-ba0c79045791&n=1&geo=573473&rawURL=https%3A%2F%2Fwww.hits2mali.net&rawReferrerURL=&uid=cd4847c2-7c52-4ef7-a4fd-7abad0ad54d8&euid=CAESEMRcV-2wnrkXQmjxd9QI5lI&encn=N4IgXglgDiBcIE4kHYAsIA0IDGB7ArgHYAuATgJ5wgAiAopiAIbFwBMWANoQOZwCMfAHSoArFmwRileAFl8AUwAWHRY3wBneYQbrizeVQBCjcvNLbOzOKgSC+ANnvIAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7wimpItPYIWpMILGbfLWmsAE5v6j91zui6yIX8CNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0yMTY2MzA1Mjc2NDIyOTk3yAEJqQKwX3GglwG0PqgDAaoEtAFP0P8kPqiGO4WzWbes8X69iLUI1rUlNIJtqN9S813wWuqHE0C8WZOtIpigDv2GKoLKAreRX0r0knc5F5gTijWSibKLzjU5-wJmacTOobE9g0iv_yU4hcDdXURUXX0p44rQZhvWUsA15s6z8bqzW1b4XWZ0w6UXr7Tc91NYFHTYAmBfuCxVvvyW_X2f5f-uY7rlXEPlA_IwSc886KbmgJsMdaIgMBu8ua5ksP14R_rgF-fcaC6ABuy7j4uO0MG-eKAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_19bvwWPsw4cIZgVdntBiidJK6hJw%26client%3Dca-pub-2166305276422997%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 15 Mar 2021 16:30:43 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/version.json

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379074:2519520
.awin1.com/	1970-01-19 17:00:30	Name: awpv14098 Value: 278235\|1615825830\|c23e80b0-85ab-11eb-ac76-692d062bb2ef
.doubleclick.net/	1970-01-19 16:50:26	Name: test_cookie Value: CheckForPermission

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/6okgwbvs/hws47.js(Line 7) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://sdki.truepush.com/sdk/v2.0.2/app.js(Line 1) Message: Error in getting version error
console-api	log	URL: https://sdki.truepush.com/sdk/v2.0.2/main.js(Line 1) Message: this is loading 1st
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2166305276422997&output=html&h=50&adk=3687757306&adf=2483254975&pi=t.aa~a.1285396622~rp.4&w=367&fwrn=4&fwrnh=100&lmt=1615823566&rafmt=1&to=qs&pwprc=3246170412&tp=site_kit&psa=0&format=367x50&url=https%3A%2F%2Fwww.hits2mali.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1615825828901&bpp=1&bdt=596&idt=1&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D598ee35a4d4534f6-22d5d0a913a700df%3AT%3D1615825828%3ART%3D1615825828%3AS%3DALNI_Mbkyme9ICEEwNEfEzpt-6LLpn0n7w&prev_fmts=0x0%2C728x90%2C468x60%2C367x280%2C367x280%2C367x100%2C367x100&nras=5&correlator=7210220457823&frm=20&pv=1&ga_vid=788412694.1615825829&ga_sid=1615825829&ga_hid=561979227&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1013&ady=2787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737536%2C44736525&oid=3&pvsid=3938057020784120&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZAvUnH8yKR&p=https%3A//www.hits2mali.net&dtd=32
console-api	log	URL: https://sdki.truepush.com/sdk/v2.0.2/main.js(Line 1) Message: loading 2nd
console-api	log	URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/hws47.js(Line 3) Message: YT API init check
console-api	log	URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/hws47.js(Line 3) Message: YT API init check
console-api	log	URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/hws47.js(Line 3) Message: YT API init check
console-api	log	URL: https://www.hits2mali.net/wp-content/cache/wpfc-minified/979sxe7e/hws47.js(Line 3) Message: YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad.doubleclick.net
ad13.ad-srv.net
ad3.ad-srv.net
adservice.google.com
adservice.google.de
brain.rvty.net
cdn.ampproject.org
cdn.contentspread.net
cdn.rvty.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
media.kaspersky.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
sdki.truepush.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hits2mali.net
sdki.truepush.com
116.202.48.214
138.201.63.117
142.250.185.162
142.250.185.66
142.250.74.198
185.64.190.78
217.182.200.20
217.79.179.79
2600:9000:2182:5e00:7:6b7b:1000:93a1
2606:4700:3033::6815:266b
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c09::9a
2a03:2880:f02d:12:face:b00c:0:3
34.246.227.69
35.227.252.103
52.35.2.64
54.93.142.164
69.173.144.139
77.74.178.23
78.46.90.238
84.53.189.33
89.163.211.233
89.163.211.242
92.123.148.9
00b96b7a93061641c0c6df3f67446fc0a7c7a10c3c4829d09ae8e35bb56c6048
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
045c2febcc51a1c83b566c2838bae6df55b86bd11368a329c5ee5ed3733fcdd0
0798ecc3abc1ebe7959ae040722dfa8c4d8fb400a8834dc0cbb491bef2dc8d47
07b80651827613a299861af1e6b4252457c1174368dfeac94af759e429568cd8
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0ff7113813e2793be8fe500e92396ca6ef76cfc95c3c6a955d0578977b047b9c
10122761ccc1faf27b6a2b4115abd18bdf61c146de1f2a5fbeff0e6dcc438c69
12190d85f4a5680fa50cbecd63338f26c51dca175c17ceb654079a0093d731d6
125d6a3b149aa361b1b91e17f84431659ebfdbbecdfac83836b75cba78fbd669
1360c18140af57843cb8a75b17a07f7a305eaf78e499f79d4d742a4b9b8221e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f935c701cf4f28193cc917220550b6da379012569b445d0f2627255031456b9
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
2248d914ed026123d24771f29b755d88e8da4026dbc22de4277aba8dff11fa67
26c41538ebd9f39a6c2bd9b8e4860a9ac3d0e791c611e9e509a39bb3b249a07f
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3081d318b7a420cb1290d94520013bc6bb89470a6d9a7a5b71b3e3aeed7e25ac
31c2c15435770ff162b185bbc6bead3a72af4af9da3a5801b0c5f5512eb44c5a
368ecffadfb880326385c05d90dc169f4901f3e6494ee3945e6aa30d36b4c7b4
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3cace7f665bd3f6095087cea9f092f1f269f3f13b60c06da8bfb2513d9c0701b
3cbdd83b771f50330d3b8b99ecc5d3e418abb6947718d1260f1dea666bc60cef
3df8cfd2d6222ccc7f36ed7f13e5ea9083f5b0a395dd638f4e6b46d49d2ecf6c
406dcc4d20986907c4a0cba626ded27b3eef246d340d469f4af7d71040a441b1
44c6910c80294593e72f96595127e5f4a410dcefc42f0d8e0f5384e5067a2416
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47644671f68204ed99537f2898fc75d81b5aebc62cc894a9d02ccc1015b71b9b
498d2ba49e0e725549c4cea2c43ca9850750ee1ef7e7f8f1293bfa3fc79cf28f
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ac3537cdc9bc4b6dcd500b0161c2a585f0fc9b634f7b1db6f7873702858df88
50fab4b045834205808736d4192551f137a4e0db449228ea1f830ae63cbed0ca
569adc885c3ef6244c43dc4c4f107c5477402a47c12fb68d1caa3e6dafe4b041
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
59b2eb0b2e93464ba9b7547701ad6b9a04fb9caf66d388dfef47231c1ea77c3b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c427bac2dbde25299a1a907f15f4dee13a9f8cf40e9571af674e6360f21f335
5f092ded71786131e4d820295da103c34a589c05f1dd0b7e256e7ade84216cca
618804f68357f8974fbe1df2998b9893e2dcbe79e3d3646e09f019923c5d8d69
63bec8ca3fa9b827b949d1b9ce9798b418e33ad31e55df1d73e06ee1350fd718
63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9
6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944
66b45568fef2ad5b4bf571ad8abf7c30ae5145db9cb2c6d077d8bbf514f0734c
674732c3f9a1e0c234c724395abf37d2803266f4e2bb8108aa18ccb4c2143888
69608a9461ed86cee5a354339af36c7b6b3748d2fd426f8b5f9870501634480b
6bae3d2263f38730a81ad4a2367def471bd963e0abde6446dbe49fff52d8046a
6bf23a892a8ba50ddd35d739704e1ffc1b377b56595e889e54aa31ba2dcd4a73
6d04b82fa4a960828ffa6e2b1d7317098291cf889308254816f6cef361d736ce
6ef57fce5723a0297044d4fb8504daddf994d540b5e5f1a2f501f6aa289878a4
6f3cad361cd8677fdb3af1bb7e2170538c1924bec3178f48881620a74445da0f
6f8cb13413e3fa7339ddaae55b6f08b912c6b5ad0f5d0bd75bd698f353e0655e
71e5d7d3d8216e2398771bd9181bd2b769f2ab95965300306ea443a6d32aa3ab
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
779985448c3126643e59542fb5bdd015aa953395176192173bcfb7a16057470d
781841d10df4638214845d3c463a0efd72048853577730c42ae419493546c73f
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81380199260edb5931b1ac07be1c82e8cf84a4fb6b0260053f5c3eed072d8ba5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8841d0950d19fbaa864bcbc03931b0bb6337b578f2df9a809267eaefc3b8c59c
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8a364b6952667b409ba211c9cb9fd1696ab40581511f5bc010fd9e345cf3c130
8c2d13e3cc15c56e77174be6b1567b8b604d62ff2cefe6d9df22c02341b1d80b
8df480865ef8a7c05d4c027f411316b42d88d8b2bfca6b98ef69d526b9933a11
8e8a98fe952eee308ae971083df396d4031d067662aad81f62109f993a6cff2c
8f2ff07e7359eb939b3c8475e6a902cb846bb4fa714c23f9639091217d2719ed
8f36a5a22d5c73e8b2c6f1d780296ffb19a169ca4cd7a0254705001e7e82ba24
8f57ab8c4fd93c3ba461b1fa362ecbf1b1c7a761a0c507cb0d185a0c0e2a6272
93fb6c7a549012df0d91ab7d80e6dbcd027c08924c2c95f144a50b10c94564f2
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
97ddf44704c93f670e08c0074597de17fda37f4b2509a749be37ee0da41b50e7
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
98abea58658ab3f76b329fe8623e1d6e5292fbe35c598192f072721b2714a33f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f88bdec59ea045048a55bcd6f588e0418338687a0a7b8ec8a52efb4d74afa4d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d3fc599e15b27ac983344f779dd4d39a4e41e8575ae24d7c546bd5b0372ab5
a7d64b04f330a03579f6aed2f6f1110bf21ab4b30a44a2043348213502f73d3d
a800978f7ebfa4bfd016bb99fa5d84eddad32ce207d6d693ba2e5cb9993b0e91
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac70265d408672de2397bdf91cb3645e7f753280f08c0d06abf93232d6b935d7
b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6
b7be9c729aa35a673d4327391b4ec1e3cdebe1cf94677679c3aff01d738191bd
b8eb772e9d83d05539b17cc5ca79fb1ee7c331f1e6741a2460555b70f6c19d6e
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bb1ff5539042648a17a637865be080ea15bf4b79a4f7bff52b34262d686ec1a1
bc30e767c967ef2ef26596537a154777091258db628062b77102ae6ee5fa6c0d
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1
bf03ff1b01b8de4a4490ff63292d9163f590261c444a99eea892739700ab6dcd
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c816749de6597d50e03fd8f01e9d55c9ce6e701bc2f8277d5194007d6e4bc01e
c8291dda38daf11b618c9fc2c4611eca762a086925ed38df46b9232b7a2fbf0b
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cd472e3bbd68f2babe5d5c95bea791b576e3cb6f55c85078137c60124cb06543
ce172391cc707f17271017d08a9b94b5b97a4283ebefd24fbde051101bb10177
d36a10b690a4f05841e54cf24f1c9d195dc30dd47f4048ccac137d7b0537da70
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d93ac6e21973cbe29b3f35409177b52e38444a80d9a3526a807552be987837b2
d941eb88125b6e02981a66b4d0874139f98931aca9ee731e35e49d437bcefc82
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c
dd38e035f35b0bc7a694c70031b7bb94d2d869f6af781dd72f881209a0fe3b83
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
e34da8bcc5cecbb4fd81779f88a5d113ee7109562ee83074e20379d85277cc12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ae8c1c46efcb45faec29e700ee3c2ee9b709308d752e1e3992664a4d4b3c3
e5a1e46e6ecad234fb87988f226becf244ddb8b1c46024222837914f51ba1a72
e5aeeb7785c228b8b8aed2b730fa14522162315aa1d80cd7bad581f7657b1a48
e74e965fd6a09097c5315726622c94cc8b17eeca97b8aa20020794a82b11826d
e82bbbcaab44d35f211682867f3bba3298761dacb4361c7ac6882004ea0e86f3
e91f88e994950c9deb8f29695ac34a7e45e7ab83c492e2b5fe5430325783b873
ea3d8946d5dc15be52ab94d0b6b504d46d2e849f95f5b0de1d2da45e60d1378b
ed14813b0d6fd46c6a831f0f61a067a5266804b45f6dc3ce3abf6418683b3f78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00b174c97d4dff49af8d8323008d682c2fe75f383318250c534e515cd04c567
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f552b22e194625b4875315f201e40fcb4c5b7f6290bd78592d1860b179d866f4
f58cbd5ac0aaa3dcf33d6ca41cfd1421bd2d906820d1bccffd3f928291f4b19b
f5c57157383ca65a861e9574888bed14ef371762c00c2acedcfc79b778badca8
f6d23c44cc050dcc8a3619657db6c3310445d109b22be9c8041fa200a21a41cf
fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac
fcbed6d82feffcddeebad9c6f36e0130fafc98d74e6c4039bdf8bc680f0b100c
fdb9deb45a77940818b7c6955b6926be5d8d39e85354a66d69b9c9a433d197c2

www.hits2mali.net Open in urlscan Pro 2606:4700:3033::6815:266b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

247 Requests

100 %HTTPS

60 %IPv6

29 Domains

41 Subdomains

40 IPs

8 Countries

2494 kBTransfer

5910 kBSize

3 Cookies

4 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hits2mali.net Open in urlscan Pro
2606:4700:3033::6815:266b Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

41
Subdomains

40
IPs

8
Countries

2494 kB
Transfer

5910 kB
Size

3
Cookies

247 HTTP transactions
9 data transactions