daxie.supfree.net Open in urlscan Pro
122.114.199.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daxie.supfree.net/
Effective URL:
https://daxie.supfree.net/
Submission: On October 15 via api (October 15th 2023, 6:55:41 am UTC) from US — Scanned from US

Summary HTTP 145 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 29 domains to perform 145 HTTP transactions. The main IP is 122.114.199.212, located in China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is daxie.supfree.net.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on September 15th 2023. Valid for: 3 months.

This is the only time daxie.supfree.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	122.114.199.212 122.114.199.212	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
3	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
14	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
28	180.76.110.142 180.76.110.142	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 11	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
14	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:f059:4f7e:28a9:1588	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.66.251.81 104.66.251.81	16625 (AKAMAI-AS) (AKAMAI-AS)
13	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:445b:901:b8e3:e6a9:15ac:1d69	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2 2	2606:ae80:147... 2606:ae80:1471:1b::1720	25751 (VALUECLICK) (VALUECLICK)
1 1	2600:9000:21d... 2600:9000:21da:ae00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
1	54.174.245.129 54.174.245.129	14618 (AMAZON-AES) (AMAZON-AES)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	47.246.22.180 47.246.22.180	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
145	26

11 122.114.199.212 (China) 1 redirects

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

daxie.supfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fff1208.supfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.supfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.supfree.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 180.76.110.142 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

x.pocidian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81d::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.66.251.81 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-251-81.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:901:b8e3:e6a9:15ac:1d69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:1b::1720 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:ae00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.233.246 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.245.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-245-129.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.22.180 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	428 KB
28	pocidian.com x.pocidian.com	87 KB
24	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	135 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3232 csm.us.criteo.net — Cisco Umbrella Rank: 3098	190 KB
11	supfree.net 1 redirects daxie.supfree.net fff1208.supfree.net www.supfree.net img.supfree.net	112 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	73 KB
6	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3008 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6886 cat.va.us.criteo.com — Cisco Umbrella Rank: 3268	81 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	817 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	235 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	602 B
3	baidu.com libs.baidu.com — Cisco Umbrella Rank: 139889	54 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 63196 collect-v6.51.la — Cisco Umbrella Rank: 58204	14 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 25578	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2841	964 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 914	989 B
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	985 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 2007	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8315	667 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 8350	545 B
1	extend.tv sync.extend.tv — Cisco Umbrella Rank: 3548	111 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 796	722 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1030	499 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 14303	577 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2075	297 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1386	773 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	598 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	464 B
145	29

	Domain	Requested by
28	x.pocidian.com	daxie.supfree.net
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	static.criteo.net	ads.us.criteo.com
14	pagead2.googlesyndication.com	daxie.supfree.net pagead2.googlesyndication.com fff1208.supfree.net googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	cm.g.doubleclick.net	daxie.supfree.net googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	img.supfree.net	daxie.supfree.net fff1208.supfree.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	csm.us.criteo.net	ads.us.criteo.com
3	imageproxy.us.criteo.net	ads.us.criteo.com
3	libs.baidu.com	daxie.supfree.net
2	rtb2-useast.e-volution.ai	2 redirects
2	a.sportradarserving.com	2 redirects
2	id.rlcdn.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	www.googleadservices.com	daxie.supfree.net
2	px.owneriq.net	2 redirects
2	cat.va.us.criteo.com	ads.us.criteo.com
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net
2	ads.us.criteo.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	fff1208.supfree.net	daxie.supfree.net
2	daxie.supfree.net	1 redirects
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	daxie.supfree.net
1	ius.ctnsnet.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	sync.extend.tv	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.supfree.net	daxie.supfree.net
145	41

This site contains links to these domains. Also see Links.

Domain
ibaotu.com
www.supfree.net
cal.supfree.net
formula.supfree.net
swift.supfree.net
guanshui.supfree.net
duilian.supfree.net
kuaidi.supfree.net
dns.supfree.net
xinyongka.supfree.net
jingdian.supfree.net
zhuanhuan.supfree.net
chima.supfree.net
qinshu.supfree.net
bankcard.supfree.net
book.supfree.net
movie.supfree.net
guji.supfree.net
bank.supfree.net
junshi.supfree.net
wuqi.supfree.net
gupiao.supfree.net
painting.supfree.net
gonglv.supfree.net
cihai.supfree.net
secure.supfree.net
daxie.m.supfree.net
www.jisuan.mobi
www.zuotixia.com
www.shinatian.com
wpa.qq.com

Subject Issuer	Validity	Valid
*.supfree.net TrustAsia RSA DV TLS CA G2	`2023-09-15` - `2023-12-14`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
x.pocidian.com TrustAsia RSA DV TLS CA G2	`2023-01-12` - `2024-01-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-01` - `2023-12-02`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.extend.tv Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://daxie.supfree.net/
Frame ID: EBC3175C212CDADCDF297C281FDB7E92
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 3DE5584AA9069D9DA09AA4E69A6A1D09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&adk=1812271804&adf=3025194257&lmt=1697388923&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdaxie.supfree.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352922849&bpp=12&bdt=5731&idt=193&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1386379884913&frm=20&pv=2&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: 1CEF15A558483B702978AAF5C4823AB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: CB36C7E56C05A41F9312665A34468BC8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8B6DC296A1982B64F83AF59834FC2B85
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM2wABl1QDiinaAANPhq_45ROL-KIuaLeC6Q&u=%7CnBDM0KN32q6KGCusRL3iiL0pmCjLtQcZBKI5XKdV40A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82XsQHJg789pEAs7htfLd99LtJ7RhYmAu_Xri4Vh2cTHSO0BiiIXo7H0ZxIxBdbgFLVVWS3UYEhVJD1Cdt8gq4phdpTuSezwFMB1v6_CVtHrybV2-QzvkS6NFm0ghn0pacHSr9UV8XHyrc4nri3rOo3OYQ_NTEzGaB4-py7Na8ZkJPE9SitdxhXwCYURveRPfzj8FNGw5ejJiFGdtUZRyZ2uFULv7Wvj4Nvlw1TY2CDbgXNeYjqnj78guXvCt8ujJnNuuGYXLnYxQNRrWvtS2HS-Atlq5NGaUxhWzYGgM19Cae4qSDYl9N_kkh30MMmilkEK15_gNHQiEX9fGaKYdc-mYrRstsyva1d1ciXTlgDIHAWGd5zt3bt2areARXqnt4G-pQiNzqp0T_ATmTptwNi9iVKQK9Vj_1aOh8s3rfNAsJYb6GvWTSAIC3DlRWmT8RPhHBuq2QfGP7QjRT8dMz-K_Cp9mSPkXsXWF19K0jeRyR8ZeiwxfBIYJklsQppL6cfH00QLe892lPH9DsPqByppyFHiKyuv28lx2iw6c3dfs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFoVH24wrZdSuBtrTqMwPhp-NsAScge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzExODkzMzE4OTUyNjQ0M8gBCagDAcgDAqoEygFP0KMeaw6AKNmSS4n95NdF58mzHxAJlVYIJS9MdeKhS0MknXOZ0XbEOx0moPWV341wtBu11O5PTpvGxuOobxf8SkjKwhumgyHdxYBPQj6W8fSdNVK706eiu7UwtrMlt9eNmm9dmIUbkV0lD-b4WJTZY1WpOfrESvVMYztRYSageh7YgsXk7VpXlnjptPJrOjgxuQypjhVlGyyAOnaeeAq-Yv4Lb3Yu-uwY11Jw5bpdrcjVnsPxDX_8p0HydyetASkl2SSTF6VXgLWogAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hrcnYHaJaE74ug9c5pZ5Zri8ZFg%26client%3Dca-pub-3118933189526443%26adurl%3D
Frame ID: D4086C684F74E5D08F285B85350AA90E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 062AEAE498677CDBB577BEBF41BB472F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1AE23308BA77082718969A62A025CDB1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 5EBF46075B6E18D4D3F84CB8910DEB6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=8906927933&adk=2857589783&adf=2493360191&pi=t.ma~as.8906927933&w=728&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=728x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927338&bpp=12&bdt=10220&idt=12&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=usZE2GbuGQ&p=https%3A//daxie.supfree.net&dtd=17
Frame ID: F2F384B4DC119E9B1ADE8173769C6A20
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6
Frame ID: EE0618B6C0590FF0274DC3831E937D9B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8536EB7E347E5F1E47DE9DA0AC72828
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM3wAMIwkFKNWHAAGde41CedJiHCH-oES6iQ&u=%7CZT0BpIPuqbk3UoQoL0K4C%2B69AEM7pPN0liNcHuwqg5U%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cF6cPJCBc3U80vn7lpjJv8dzpaJNIL0FOgj_96bofZAs_ytAgi42EyEUigjRW-MfQb-UDWiko1gzqnep1d6TGoPtALEQ6aK6TXhrz5s8hGYr7_zh34JxQntTFGElxUIMhMFBsUi6u61hPMvTcfxDKq9KUiTkp_iAyqot-dFqZLYwpHOHK1hAuJHoafLYlHHbAUqx50-o931m2Xeka-ZwQMpd6XmAHa83wIdECvmwxmKjla_7no3gzWtvac_RRuo_NGltr_B2-J35J9j9VCIwp0FvndY3tKsTQBGjQPrzgzJVVoSthZheQk3A2u1BroqdmTGwa3BGEUPI4g5v1Dy-cYpSpVOcE_8jYAy3P1VL77CjYX45tuURHMJjE8qMB8abRCdqWawgyTMeX5Y8e5xw5mYV8vMr2g4C8elESSSSq-WhQO_Wl4A3ndVjcuxJ92EERJJtrpBGipEUAn2gKdVHkVw0iVWawHqkQuES3U2G7UEpLBzfeV0n-kctKdEZ4E458gcDA084-ovqroF5aWqJvHUN8_7Kd7bG_QMBRc8BPoqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvt534wrZYnGMIero9kP-7qGuAScge-wXLLtt52dAcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTMxMTg5MzMxODk1MjY0NDPIAQmoAwHIAwKqBM8BT9CAMI8gAuWCT5gMemJDj6U8BBUwooXUL7OeHSgOcsWgRncim7Sryfw8OcuOooX7lSBxWVa4dmKIkFwebs_0IvolY2QIfjF_iTGb-WmER7IlpDtW39VbO0Femom2ajQDWKHPlTx6mqv3cGqBt17Q-okcnsNQ_HdzxZYLlzsf2Flvgx7oMBCzKFG2KG-k7rHkvSlCExxnkVTWo8mQ60ULccSzfHIacDMm2LOEHsEKbaRKAHazw_ktskX3YLExPg-EpCjymu3oCvPcQWQndBOAgAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qfbtaPqBS2UoLij954QUUDnIq5A%26client%3Dca-pub-3118933189526443%26adurl%3D
Frame ID: 0FCAF1D73E2AA36334E7384DBCE4CF6A
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 40F33080213F3CC8822DDFF4CDE714B8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 450E24B31821097CFAE9A27907D27ABF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5355D5F5A53CC8529253C2099BF54329
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44C72B2B1E1550CE6493F963055DB83F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

数字大写转换

Page URL History Show full URLs

http://daxie.supfree.net/ HTTP 301
https://daxie.supfree.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

145
Requests

92 %
HTTPS

49 %
IPv6

29
Domains

41
Subdomains

26
IPs

2
Countries

1413 kB
Transfer

3360 kB
Size

39
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://ibaotu.com/ppt/3-0-0-0-3-1.html?format_type=0&spm=91

Search URL Search Domain Scan URL

URL: https://www.supfree.net/
Title: 首页

Search URL Search Domain Scan URL

URL: https://www.supfree.net/contact.asp
Title: 联系本站

Search URL Search Domain Scan URL

URL: https://www.supfree.net/map.asp
Title: 网站地图

Search URL Search Domain Scan URL

URL: https://www.supfree.net/about.asp
Title: 关于本站

Search URL Search Domain Scan URL

URL: https://cal.supfree.net/
Title: 计算器

Search URL Search Domain Scan URL

URL: https://formula.supfree.net/
Title: 公式大全

Search URL Search Domain Scan URL

URL: https://swift.supfree.net/
Title: SWIFT码

Search URL Search Domain Scan URL

URL: https://guanshui.supfree.net/
Title: 关税税率

Search URL Search Domain Scan URL

URL: https://duilian.supfree.net/
Title: 对联大全

Search URL Search Domain Scan URL

URL: https://kuaidi.supfree.net/
Title: 快递网点

Search URL Search Domain Scan URL

URL: https://dns.supfree.net/
Title: DNS服务器

Search URL Search Domain Scan URL

URL: https://xinyongka.supfree.net/
Title: 信用卡进度

Search URL Search Domain Scan URL

URL: https://jingdian.supfree.net/
Title: 旅游景点

Search URL Search Domain Scan URL

URL: https://zhuanhuan.supfree.net/
Title: 格式转换

Search URL Search Domain Scan URL

URL: https://chima.supfree.net/
Title: 衣服尺码

Search URL Search Domain Scan URL

URL: https://qinshu.supfree.net/
Title: 亲属关系

Search URL Search Domain Scan URL

URL: https://bankcard.supfree.net/
Title: 银行卡归属

Search URL Search Domain Scan URL

URL: https://book.supfree.net/
Title: 图书大全

Search URL Search Domain Scan URL

URL: https://movie.supfree.net/
Title: 电影大全

Search URL Search Domain Scan URL

URL: https://guji.supfree.net/
Title: 古籍大全

Search URL Search Domain Scan URL

URL: https://bank.supfree.net/
Title: 银行网点

Search URL Search Domain Scan URL

URL: https://junshi.supfree.net/
Title: 军事百科

Search URL Search Domain Scan URL

URL: https://wuqi.supfree.net/
Title: 武器大全

Search URL Search Domain Scan URL

URL: https://gupiao.supfree.net/
Title: 股票收益

Search URL Search Domain Scan URL

URL: https://painting.supfree.net/
Title: 世界名画

Search URL Search Domain Scan URL

URL: https://gonglv.supfree.net/
Title: 功率换算

Search URL Search Domain Scan URL

URL: https://cihai.supfree.net/
Title: 汉语辞海

Search URL Search Domain Scan URL

URL: https://secure.supfree.net/
Title: 安全检测

Search URL Search Domain Scan URL

URL: https://daxie.m.supfree.net/index.asp
Title: 手机版

Search URL Search Domain Scan URL

URL: https://www.jisuan.mobi/
Title: 计算器

Search URL Search Domain Scan URL

URL: https://www.zuotixia.com/
Title: 做题侠

Search URL Search Domain Scan URL

URL: https://www.shinatian.com/
Title: 是哪天

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=1251948721&site=qq&menu=yes
Title: 本站QQ反馈

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daxie.supfree.net/ HTTP 301
https://daxie.supfree.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://px.owneriq.net/ecmg?google_gid=CAESEPzX0LnP3gDMnS2yz_Mk1N8&google_cver=1&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z3YYK3QLFyRMwk-N5DLrQZXmn3_qQdsz2-EWXJw HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z3YYK3QLFyRMwk-N5DLrQZXmn3_qQdsz2-EWXJw%26google_cver%3d1%26google_gid%3dCAESEPzX0LnP3gDMnS2yz_Mk1N8%26google_hm%3dUTc1MDYzOTMyODEyNzI4OTgzMjI%3d&uid=Q7506393281272898322&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z3YYK3QLFyRMwk-N5DLrQZXmn3_qQdsz2-EWXJw&google_cver=1&google_gid=CAESEPzX0LnP3gDMnS2yz_Mk1N8&google_hm=UTc1MDYzOTMyODEyNzI4OTgzMjI=

Request Chain 95

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPSE_nX6PNRsctsGdFcC3mg&google_cver=1&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqmDv3o36-8FyczepFQXjUlon-5uYLFxIO0b1oeoyhetAyw3qUFYFEIuTxAo1_kOEBgFUnYKg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A6yaPkSJRo8iMeWOWUOI7w&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqmDv3o36-8FyczepFQXjUlon-5uYLFxIO0b1oeoyhetAyw3qUFYFEIuTxAo1_kOEBgFUnYKg

Request Chain 96

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJvqxN1qlxbRn5cSG0AFBnk&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1itwr_0jTi4HvUUOF0XWjdQGnDsaJQm84OE0Sm1Zs_C8ntTqPzXIYt_TxcYb9Po2o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1itwr_0jTi4HvUUOF0XWjdQGnDsaJQm84OE0Sm1Zs_C8ntTqPzXIYt_TxcYb9Po2o&google_hm=MTA1OTU0OTIxODg2MjM0MzgxNDI

Request Chain 98

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELC3Xve39sYOh7QfvdF4WRg&google_cver=1&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3fMLcgU63d8OGgfY9lvsT3YGweaK-tMkpd_8udy6-eSKoSPoRbzKL9QRF_bMIfgWO2tO0ABFOCIVvFz2UWWNQrrtzu0RE46psbGdFCOX_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3fMLcgU63d8OGgfY9lvsT3YGweaK-tMkpd_8udy6-eSKoSPoRbzKL9QRF_bMIfgWO2tO0ABFOCIVvFz2UWWNQrrtzu0RE46psbGdFCOX_&google_hm=QlMuNjA2Yi04Nzc4LTQzMGYtYWU1Zg==

Request Chain 99

https://trace.mediago.io/cs/google?google_gid=CAESEOMFQf0ede3jLeU5NWnQ9sQ&google_cver=1&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aMjLZvDQEMP3pLnm5gTRxklWaHI4qwSMVZCib5lkqE3j18fSNbv7CobZRF4t1161Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aMjLZvDQEMP3pLnm5gTRxklWaHI4qwSMVZCib5lkqE3j18fSNbv7CobZRF4t1161Q&google_hm=f85ea035fc4b278f1iuzmj00lnr43xb4

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=C-IWa34wrZemcGKKqo9kP6a-o8AbYq9aXcLa-3qbvD2QQASDo_c4DYMnujovApIwQoAGtlprZA8gBAagDAcgDywSqBNIBT9C2CrndaJrPf_pJZ2keH4nMGeuOy9Z7Z59iyDWskSrrcMex8vhXTIiVWTtp-6Qqlj7PHRFO2QXSYUT6FKq2zBEyIhJZL0JTnY7AFdSAPiZwHei1RDVvbbt7Myj36z-BpjIErlaVrjrDFZ9HXOb2vXEPgRfr5XI7UPZ8lKnjfPhrJu2DMrSNDLeC4nsyBHufwam0D3Zt_tw9YRmE0BFhATIEgo0kNui0NYqtQtGrBpgBnAQqjUqbrJwjCtlh70tEWaO3nwN_bpF2h1egiGCZedwWwATV0pCS7gOIBfL4pcU9kgUECAQYAZIFBAgFGASAB7vp5SaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCc4lfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJQ2h0dHBzOi8vd3d3LmFjcm9iaW9zeXN0ZW1zLmNvbS9BOTc0LUltbXVuZS1DaGVja3BvaW50LVByb3RlaW5zLmh0bWyACgHICwHaDBEKCxDg-Lm885a7tK0BEgIBA9gTCogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTE4OTMzMTg5NTI2NDQzGAA&sigh=5P04-7eyewo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNzPq7h-Cu4-FfztkUY2TnWZyHdOjSlP5gXusvWYTNMLB1Q4lvwXANg1p98cLzR_0-M1obx8k-uhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77d3664026e3cd5d0000000000000000%22,%222%22:%220x5139109c054148320000000000000000%22,%223%22:%220xf3ecc124f830a3780000000000000000%22,%224%22:%220xe3d91572229169200000000000000000%22,%225%22:%220x4c20b884f9c6f800000000000000000%22},%22debug_key%22:%226545069659328464044%22,%22debug_reporting%22:true,%22destination%22:%22https://acrobiosystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992381741%22],%224%22:[%2210-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218246517797458025009%22}&andc=true

Request Chain 115

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_cver=1&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fcTUdzu7zEOhyd7h8UgjEz4p9wPVIjDb8-aDw6smhEQQNwrpaSpYIEYnwRyT-hnzoVmUnThzMerWDDgZsVK2QQ4Y1e3Qa79AE5AjLk1JNA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1cf022236c480693&is_secure=true&networkId=14000&version=1&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_cver=1&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fcTUdzu7zEOhyd7h8UgjEz4p9wPVIjDb8-aDw6smhEQQNwrpaSpYIEYnwRyT-hnzoVmUnThzMerWDDgZsVK2QQ4Y1e3Qa79AE5AjLk1JNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACBgLvSoV8jQMLemMeAAAAAAA&expiration=1697439328&google_cver=1&is_secure=true&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fcTUdzu7zEOhyd7h8UgjEz4p9wPVIjDb8-aDw6smhEQQNwrpaSpYIEYnwRyT-hnzoVmUnThzMerWDDgZsVK2QQ4Y1e3Qa79AE5AjLk1JNA

Request Chain 116

https://d.agkn.com/pixel/2175/?google_gid=CAESEIFU3PMC_Na9uvFAZs5hSbw&google_cver=1&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJpMM31XM3KvktFbPhnMn4kDynkl0HfAj-k0BstPvkIoPgWXnYgQ_o-qi8urA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJpMM31XM3KvktFbPhnMn4kDynkl0HfAj-k0BstPvkIoPgWXnYgQ_o-qi8urA&google_hm=Q0FFU0VJRlUzUE1DX05hOXV2RkFaczVoU2J3

Request Chain 117

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQGJmQ3aUfQr1Tgapq71GSxzwifvd8Q406vW0j0b-72rq_RWyhZEmi6RbhGBEIlt-MxtUI7cPYDlF6-_wNvVGG9PhywE4BhaIPGeWiqod9ZsDteh6qx6fTw-yN4x34vWJSPNyTvAbPap_dK4NGByE4v2y0&google_gid=CAESEHhKzxz3-njxJupPHV-6zpE&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOCZrqkGEgUI6AcQAEIASqsBZ29vZ2xlX3B1c2g9QVhjb09tUUdKbVEzYVVmUXIxVGdhcHE3MUdTeHp3aWZ2ZDhRNDA2dlcwajBiLTcycnFfUld5aFpFbWk2UmJoR0JFSWx0LU14dFVJN2NQWURsRjYtX3dOdlZHRzlQaHl3RTRCaGFJUEdlV2lxb2Q5WnNEdGVoNnF4NmZUdy15TjR4MzR2V0pTUE55VHZBYlBhcF9kSzROR0J5RTR2Mnkw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwanFpYkEwRU9HQzRHSHpoQjFWSWlUZWExcHFiUGlxRzlGZlp0RjFWazVvcw==&google_push

Request Chain 118

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDVkBBJRTH5W20Jv5uLDDvA&google_cver=1&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw6hTSnhMbYGbkxBfP7IXWJ7rzU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDVkBBJRTH5W20Jv5uLDDvA&google_cver=1&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw6hTSnhMbYGbkxBfP7IXWJ7rzU HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8f9837b3-fd6f-4094-96c9-cce6d268ed2f&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw6hTSnhMbYGbkxBfP7IXWJ7rzU&google_hm=drcty0mhRRKSzOGPJWW55g==

Request Chain 120

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEE9D9U3-jsa-TgHu3l6Q8q0&google_cver=1&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEE9D9U3-jsa-TgHu3l6Q8q0%26google_cver%3D1%26google_push%3DAXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A7205084461719632904&exchange=193&google_gid=CAESEE9D9U3-jsa-TgHu3l6Q8q0&google_cver=1&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTcyMDUwODQ0NjE3MTk2MzI5MDQ&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z

Request Chain 121

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMSbLY41t-fR_P2LC19cwoM&google_cver=1&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBqkBVWXkJD5Dt_5xUVKzNIdy5WHxTA0dd1w430DppqKUc8mKSzB8UDxBey7acepmvloC7YeOwcfBYlzeky3ciZ-Tgs7Rkg0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBqkBVWXkJD5Dt_5xUVKzNIdy5WHxTA0dd1w430DppqKUc8mKSzB8UDxBey7acepmvloC7YeOwcfBYlzeky3ciZ-Tgs7Rkg0&google_hm=yPfccH3nTga3BJcVpBigMCM

145 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
daxie.supfree.net/
Redirect Chain

http://daxie.supfree.net/
https://daxie.supfree.net/

13 KB
5 KB

1451ms
372ms

Document
text/html

122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://daxie.supfree.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: eb4179e81e1492fc70dfdb95eea1a9d0741bf04654b922cbd9a306604d3669e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4560
Content-Type: text/html
Date: Sat, 14 Oct 2023 19:01:16 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 15 Oct 2023 06:55:15 GMT
Location: https://daxie.supfree.net/
Server: kangle/3.5.14

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/2.0.0/ 81 KB
29 KB 3104ms
663ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/2.0.0/jquery.min.js

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 06:55:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Wed, 07 Jan 2015 09:16:30 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Nov 2023 06:55:20 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
libs.baidu.com/bootstrap/3.0.3/js/ 27 KB
8 KB 574ms
574ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/bootstrap/3.0.3/js/bootstrap.min.js

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

46ed2dfb732a01dbc80515ce6a48bcb24dea4bcab8522c71868231812000b58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 06:55:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Mon, 01 Dec 2014 10:42:08 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Nov 2023 06:55:22 GMT

GET
H/1.1 200
OK bootstrap.min.css
libs.baidu.com/bootstrap/3.0.3/css/ 97 KB
17 KB 3999ms
3997ms Stylesheet
text/css 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 06:55:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Mon, 01 Dec 2014 10:42:08 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 14 Nov 2023 06:55:26 GMT

GET
H/1.1 200
OK style.css
fff1208.supfree.net/ 8 KB
3 KB 2039ms
317ms Stylesheet
text/css 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://fff1208.supfree.net/style.css
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 9ffa651fa152c5d27e46825b050a97a861b24ad80792ebd0144fa84883ebfd87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 20:30:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 13:57:52 GMT
Server: Microsoft-IIS/7.5
ETag: "03087b2f7a0d81:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2397

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 117ms
58ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3118933189526443

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebda3e725e5f7f3290ad7a9e5181bb414d1ae48738a45f8297d476e20b5a1a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Origin: https://daxie.supfree.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51307
x-xss-protection: 0
server: cafe
etag: 11266841529107899681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:22 GMT

GET
H/1.1 200
OK logo.gif
www.supfree.net/images/ 18 KB
18 KB 4853ms
309ms Image
image/gif 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.supfree.net/images/logo.gif
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 9a14d1d430d900101ad8b8834c62f05f42831fedd08735604b537c4777fa7aa8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Wed, 13 Apr 2016 08:48:46 GMT
Server: Microsoft-IIS/7.5
ETag: "0eb374a6195d11:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18132

GET
H/1.1 200
OK baotu.gif
img.supfree.net/ 26 KB
26 KB 2769ms
339ms Image
image/gif 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/baotu.gif
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: de0198f37835cbb1e956c27720a54ce3fa1f9e2780ec312b59a515ff6fc4c706

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Fri, 19 Jun 2020 16:18:42 GMT
Server: Microsoft-IIS/7.5
ETag: "09d484c5546d61:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26189

GET
H2 200 daxie.png
x.pocidian.com/ico/ 3 KB
3 KB 2797ms
272ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/daxie.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 6c86da9e92fba9961e614a799e8f3046ace4c5544a3042708142e49e83e671b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:25 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:21 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2785

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 126ms
75ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3118933189526443

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99dd5fcbb8dcff74ea1144ae951d21e286abe7472e6b94e0b9bf2d185743f617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136553
x-xss-protection: 0
server: cafe
etag: 6941842934303926739
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 3DE5 10 KB
5 KB 85ms
25ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3118933189526443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 05:04:02 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 05:04:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 99ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=daxie.supfree.net&callback=_gfp_s_&client=ca-pub-3118933189526443

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57dc7d5cd0f432520a0c74dddd8c2ae6cc1a8ab66dba378f0a385f2e9a9851b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1CEF 238 KB
60 KB 356ms
355ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&adk=1812271804&adf=3025194257&lmt=1697388923&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdaxie.supfree.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352922849&bpp=12&bdt=5731&idt=193&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1386379884913&frm=20&pv=2&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9adc2eb337b467dfc00fead6e958b96ea35e09af3a882d6fb9733f1de2ad3d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:23 GMT
expires: Sun, 15 Oct 2023 06:55:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 157 KB
53 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efb06d892293b1ed1a59f10f726abfed843e85dd34311dbcbeae29e8db253fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54653
x-xss-protection: 0
server: cafe
etag: 12336788630435298042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:23 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame CB36 10 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 32308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 21:56:55 GMT
etag: 2603938475786422795
expires: Sat, 28 Oct 2023 21:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 8B6D 10 KB
4 KB 26ms
25ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 32308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 21:56:55 GMT
etag: 2603938475786422795
expires: Sat, 28 Oct 2023 21:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame CB36 4 KB
1 KB 103ms
39ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 06:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 05:42:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 06:55:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB36 205 B
296 B 89ms
25ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:14:21 GMT
x-content-type-options: nosniff
age: 409262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 09 Oct 2024 13:14:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CB36 604 B
1 KB 87ms
24ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 05:40:52 GMT
x-content-type-options: nosniff
age: 350071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Oct 2024 05:40:52 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame CB36 15 KB
7 KB 92ms
31ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 11:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 11:40:52 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame CB36 20 KB
9 KB 85ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 13:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:36:51 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D408 103 KB
39 KB 295ms
48ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM2wABl1QDiinaAANPhq_45ROL-KIuaLeC6Q&u=%7CnBDM0KN32q6KGCusRL3iiL0pmCjLtQcZBKI5XKdV40A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82XsQHJg789pEAs7htfLd99LtJ7RhYmAu_Xri4Vh2cTHSO0BiiIXo7H0ZxIxBdbgFLVVWS3UYEhVJD1Cdt8gq4phdpTuSezwFMB1v6_CVtHrybV2-QzvkS6NFm0ghn0pacHSr9UV8XHyrc4nri3rOo3OYQ_NTEzGaB4-py7Na8ZkJPE9SitdxhXwCYURveRPfzj8FNGw5ejJiFGdtUZRyZ2uFULv7Wvj4Nvlw1TY2CDbgXNeYjqnj78guXvCt8ujJnNuuGYXLnYxQNRrWvtS2HS-Atlq5NGaUxhWzYGgM19Cae4qSDYl9N_kkh30MMmilkEK15_gNHQiEX9fGaKYdc-mYrRstsyva1d1ciXTlgDIHAWGd5zt3bt2areARXqnt4G-pQiNzqp0T_ATmTptwNi9iVKQK9Vj_1aOh8s3rfNAsJYb6GvWTSAIC3DlRWmT8RPhHBuq2QfGP7QjRT8dMz-K_Cp9mSPkXsXWF19K0jeRyR8ZeiwxfBIYJklsQppL6cfH00QLe892lPH9DsPqByppyFHiKyuv28lx2iw6c3dfs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFoVH24wrZdSuBtrTqMwPhp-NsAScge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzExODkzMzE4OTUyNjQ0M8gBCagDAcgDAqoEygFP0KMeaw6AKNmSS4n95NdF58mzHxAJlVYIJS9MdeKhS0MknXOZ0XbEOx0moPWV341wtBu11O5PTpvGxuOobxf8SkjKwhumgyHdxYBPQj6W8fSdNVK706eiu7UwtrMlt9eNmm9dmIUbkV0lD-b4WJTZY1WpOfrESvVMYztRYSageh7YgsXk7VpXlnjptPJrOjgxuQypjhVlGyyAOnaeeAq-Yv4Lb3Yu-uwY11Jw5bpdrcjVnsPxDX_8p0HydyetASkl2SSTF6VXgLWogAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hrcnYHaJaE74ug9c5pZ5Zri8ZFg%26client%3Dca-pub-3118933189526443%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a8a7cbb48fbae0e74faad35d030d62a5458a64196bd48938688c1f89ef94e823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=nZ9_Qx5Vh_gObRi1dH8Ed9VtKrhr_H9DVmj6DKvXP7nBs3YD6JZBcxjFU6al16qzcjJyN0BrMnpDDR_NJl-_ZtqFFec5F_W8mOlRsGblwt8kwJAr9llXTqofshV2IF5p7t6pH8YvzFoLDGvV9SCQl7wbqufkNt5WT1W-rz20P8da8TsZEcmKcyDGpYChPRiqBDLpegUeNpHDa70Sl_0KdEQuvhGzwXLHVpYrRlV1lrysPycfj571spksnYkOwjndpBMxP7FNfcfN20Ng"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 19683215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8B6D 3 KB
1 KB 89ms
46ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 8B6D 20 KB
8 KB 71ms
29ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B6D 187 KB
59 KB 140ms
78ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 062A 2 KB
973 B 25ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 12:54:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 062A 23 KB
9 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 12:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AE2 143 B
166 B 29ms
27ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:31:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 062A 3 KB
1 KB 26ms
23ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 062A 20 KB
8 KB 27ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 062A 187 KB
59 KB 71ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:23 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 062A 35 KB
15 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 03:13:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AE2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:23 GMT
expires: Sun, 15 Oct 2023 06:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8B6D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88c64c6d86d603cbd52d9022f52d57ac971869796b5fc839f5a6a51251333509

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B6D 0
23 B 61ms
60ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTqXM24wrZdSuBtrTqMwPhp-NsAScge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzExODkzMzE4OTUyNjQ0M8gBCagDAcgDAqoExwFP0KMeaw6AKNmSS4n95NdF58mzHxAJlVYIJS9MdeKhS0MknXOZ0XbEOx0moPWV341wtBu11O5PTpvGxuOobxf8SkjKwhumgyHdxYBPQj6W8fSdNVK706eiu7UwtrMlt9eNmm9dmIUbkV0lD-b4WJTZY1WpOfrESvVMYztRYSageh7YgsXk7VpXlnjptPJrOjgxuQypjhVlGyyAOnaeeAq-Yv5JbVa8PFHzrdub2m7RlC9xL8zZBFHkY9oBDa5kvzcJwaVXg5ywgAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMxMTg5MzMxODk1MjY0NDMYAA&sigh=ohbdv0419-o&uach_m=[UACH]&cid=CAQSTADICaaNu3jgVNPTMFNvP1kCEYCgVTellGymHKM3EJwP5rZxGi-709gB3WMq7ui5mWNRYc95sEBGu-KLp1icRGJGJL633yIEhndZZj4YAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 15 Oct 2023 06:55:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Oct 2023 06:55:23 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 8B6D 0
126 B 92ms
28ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPnAF836RO0HfOIinRcCAAAA9mPi-Ayu5B8Q2owrZbAfAVCVbI2RtGQAABIAAAoKQVFVQkNnRUJDZw&wp=ZSuM2wABl1QDiinaAANPhq_45ROL-KIuaLeC6Q&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 150613
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D408 2 KB
1 KB 102ms
27ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM2wABl1QDiinaAANPhq_45ROL-KIuaLeC6Q&u=%7CnBDM0KN32q6KGCusRL3iiL0pmCjLtQcZBKI5XKdV40A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82XsQHJg789pEAs7htfLd99LtJ7RhYmAu_Xri4Vh2cTHSO0BiiIXo7H0ZxIxBdbgFLVVWS3UYEhVJD1Cdt8gq4phdpTuSezwFMB1v6_CVtHrybV2-QzvkS6NFm0ghn0pacHSr9UV8XHyrc4nri3rOo3OYQ_NTEzGaB4-py7Na8ZkJPE9SitdxhXwCYURveRPfzj8FNGw5ejJiFGdtUZRyZ2uFULv7Wvj4Nvlw1TY2CDbgXNeYjqnj78guXvCt8ujJnNuuGYXLnYxQNRrWvtS2HS-Atlq5NGaUxhWzYGgM19Cae4qSDYl9N_kkh30MMmilkEK15_gNHQiEX9fGaKYdc-mYrRstsyva1d1ciXTlgDIHAWGd5zt3bt2areARXqnt4G-pQiNzqp0T_ATmTptwNi9iVKQK9Vj_1aOh8s3rfNAsJYb6GvWTSAIC3DlRWmT8RPhHBuq2QfGP7QjRT8dMz-K_Cp9mSPkXsXWF19K0jeRyR8ZeiwxfBIYJklsQppL6cfH00QLe892lPH9DsPqByppyFHiKyuv28lx2iw6c3dfs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFoVH24wrZdSuBtrTqMwPhp-NsAScge-wXKqbqap0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMzExODkzMzE4OTUyNjQ0M8gBCagDAcgDAqoEygFP0KMeaw6AKNmSS4n95NdF58mzHxAJlVYIJS9MdeKhS0MknXOZ0XbEOx0moPWV341wtBu11O5PTpvGxuOobxf8SkjKwhumgyHdxYBPQj6W8fSdNVK706eiu7UwtrMlt9eNmm9dmIUbkV0lD-b4WJTZY1WpOfrESvVMYztRYSageh7YgsXk7VpXlnjptPJrOjgxuQypjhVlGyyAOnaeeAq-Yv4Lb3Yu-uwY11Jw5bpdrcjVnsPxDX_8p0HydyetASkl2SSTF6VXgLWogAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hrcnYHaJaE74ug9c5pZ5Zri8ZFg%26client%3Dca-pub-3118933189526443%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D408 2 KB
1 KB 103ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D408 308 B
636 B 102ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D408 293 B
621 B 120ms
47ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D408 43 B
348 B 275ms
30ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Ktt_vuFkw3lDzcV2HKnd29JcYN8AI7CnpkYG5g9fDQvgA0aS8a4YY40Bdp_Yvy5RTIhaPhhUPHiTMLUqvF6ZkWkJqecMLDdmjMYeUM5ugzW0QqKN-Y7RIQNHxJcDkNzz5UqhUi1MoZ5eCEz38S4ylj3yKqlpcyf4Xk1hG7mHN5m_4rI7RdKeKyeQf3mR5AT5hVDGZle__e96Cp4D96NLp5PSATxypVPCeB5SXQ_ImPZpEPg3E-I1ibhUypLJzzDwsDZQ8xeeUA4VDIgMyvrDVuX6D-gMxmqGSY17rSzTSv6YH9mQsUIraJQFD8-K-qf-Vv33TZXKaxkTqTHDtGNA5N7HjSF2vl_H2U53FTOBCF6ureOJFirTN5ljga6xUqjlZCA7fl8QLUnM_zjJK0xPz_ihhzdyfKhr6nHQTKRK9lu9Wy-l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2736761
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EBF 37 KB
14 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:48:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D408 12 KB
6 KB 65ms
32ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D408 35 KB
35 KB 132ms
59ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=102266&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102266%2F4793739%2F1371674528fd4403ab35a736b15beaac_logo_-_boston_brain_science.png&v=3&w=402&rid=4&s=JLSd0kFSjKlj6wCAGqJ0Ittw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

97d8582beef14852d6f90a9bea709d01c828275851d04eafbdbdc9b352db5715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 35655
expires: Fri, 30 Aug 2024 01:36:11 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D408 0
128 B 104ms
28ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=nZ9_Qx5Vh_gObRi1dH8Ed9VtKrhr_H9DVmj6DKvXP7nBs3YD6JZBcxjFU6al16qzcjJyN0BrMnpDDR_NJl-_ZtqFFec5F_W8mOlRsGblwt8kwJAr9llXTqofshV2IF5p7t6pH8YvzFoLDGvV9SCQl7wbqufkNt5WT1W-rz20P8da8TsZEcmKcyDGpYChPRiqBDLpegUeNpHDa70Sl_0KdEQuvhGzwXLHVpYrRlV1lrysPycfj571spksnYkOwjndpBMxP7FNfcfN20Ng&sds=2&rev=88837&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 15 Oct 2023 06:55:23 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D408 2 KB
1 KB 50ms
45ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D408 2 KB
1 KB 52ms
47ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:24 GMT

GET
H/1.1 200
OK bgr_menu.png
img.supfree.net/i/ 421 B
691 B 386ms
384ms Image
image/png 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/i/bgr_menu.png
Requested by: Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 93471998fe7fcc15c31804f0f506177bbb9a100f74085f82f5999150dbad457d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fff1208.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Tue, 19 Sep 2023 05:48:18 GMT
Server: Microsoft-IIS/7.5
ETag: "07dc1e3bcead91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 421

GET
H/1.1 200
OK bgr_menu_li.gif
img.supfree.net/i// 256 B
527 B 345ms
344ms Image
image/gif 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/i//bgr_menu_li.gif
Requested by: Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 6b160728ca22891398d6ba666133291d6c6edc62e1533c7a01a64312751e30b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fff1208.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Sun, 15 Nov 2015 14:22:45 GMT
Server: Microsoft-IIS/7.5
ETag: "80286e18b11fd11:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256

GET
H/1.1 200
OK bgr_body.gif
img.supfree.net/i/ 93 B
362 B 722ms
375ms Image
image/gif 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/i/bgr_body.gif
Requested by: Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: f81e1d811e807a97b7086c1c6f85c38caabb293ffcca7fdffb34ffba2b296b79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fff1208.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Sat, 14 Nov 2015 15:44:16 GMT
Server: Microsoft-IIS/7.5
ETag: "0c84751f31ed11:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93

GET
H/1.1 200
OK bgr_body_top.png
img.supfree.net/i/ 48 KB
49 KB 728ms
343ms Image
image/png 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/i/bgr_body_top.png
Requested by: Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 42ede0fcde3db993b17d0f152cd97ed7a0779690a0e510cc58ca58ac55f0921d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fff1208.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Tue, 19 Sep 2023 05:48:18 GMT
Server: Microsoft-IIS/7.5
ETag: "07dc1e3bcead91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49393

GET
H/1.1 200
OK bgr_body_end.png
img.supfree.net/i/ 10 KB
10 KB 1032ms
374ms Image
image/png 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.supfree.net/i/bgr_body_end.png
Requested by: Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 36a98b7ad796efce6426efe1eebff96692ec7127561039ac5756fd7834c66956

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fff1208.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:21:37 GMT
Last-Modified: Tue, 19 Sep 2023 05:48:16 GMT
Server: Microsoft-IIS/7.5
ETag: "05090e2bcead91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10045

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2F3 126 KB
43 KB 439ms
438ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=8906927933&adk=2857589783&adf=2493360191&pi=t.ma~as.8906927933&w=728&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=728x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927338&bpp=12&bdt=10220&idt=12&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=usZE2GbuGQ&p=https%3A//daxie.supfree.net&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85637810c965b1c84310695f979e8b647eac32767ff4a121c9afb71128fb3ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44105
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pc_down.js Show response
fff1208.supfree.net/ 604 B
531 B 381ms
380ms Script
application/x-javascript 122.114.199.212
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://fff1208.supfree.net/pc_down.js
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.114.199.212 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d018da9239b60ccbb1045bb7b78d9f4fb292834a5b4e829a250ce08cc901758f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 20:30:27 GMT
Content-Encoding: br
Last-Modified: Wed, 04 Sep 2019 02:20:51 GMT
Server: Microsoft-IIS/7.5
ETag: "9432105fc762d51:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 223

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fff1208.supfree.net
URL: https://fff1208.supfree.net/pc_down.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb4f390bd82a9f375b470a6d008a0ea8b61f561971c2a6e120bad3614df49b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51303
x-xss-protection: 0
server: cafe
etag: 15956006991194346031
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:27 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE06 38 KB
16 KB 274ms
273ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f5fa4a861c77144a7b339a841b4143d7979c72277117eb190f840adeb467925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cal.png
x.pocidian.com/ico/ 3 KB
3 KB 266ms
265ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/cal.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 1fbedfbd0d3132630e9932685535ed970f3c855913fcfe143558ebf64c4dcbb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:11 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2956

GET
H2 200 formula.png
x.pocidian.com/ico/ 3 KB
4 KB 267ms
265ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/formula.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 0dc294c62409f01a13b7d81e5f9b0c88a5a3ef7ee0e8e46c9ce16fb960f35544

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Sat, 05 Nov 2022 14:19:38 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3541

GET
H2 200 swift.png
x.pocidian.com/ico/ 4 KB
4 KB 268ms
266ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/swift.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: cfa4163c95ebf854c883dd12437d33d241d671aa323fb80a27773718d0167872

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 14:23:30 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 4068

GET
H2 200 guanshui.png
x.pocidian.com/ico/ 2 KB
2 KB 276ms
274ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/guanshui.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 751e70f5e7e77ae7b00696f7fd92f59552c18d8db48be62aef1fa401036c5637

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:40 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1754

GET
H2 200 duilian.png
x.pocidian.com/ico/ 3 KB
3 KB 531ms
529ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/duilian.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: d7690d5dca09b418fe1b72d13a38da5c71057dfb627b72b1ee5f9e081ccf987f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:26 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3090

GET
H2 200 kuaidi.png
x.pocidian.com/ico/ 3 KB
3 KB 532ms
529ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/kuaidi.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 8b6ca2c109c3ab6e0fd426481a435a12cd36848c8caddf663fbdb5407863348e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:05 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2570

GET
H2 200 dns.png
x.pocidian.com/ico/ 3 KB
3 KB 533ms
530ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/dns.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 5dbbfab9448336f44d818728fbacd285619d9af44202aacaadd6717127f4565f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:24 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2612

GET
H2 200 xinyongka.png
x.pocidian.com/ico/ 3 KB
3 KB 533ms
531ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/xinyongka.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 67e87d1ec0c239aaed98fec5e1769e3ef251b2bd11fd354bf125b7b6431005c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:48:01 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2827

GET
H2 200 jingdian.png
x.pocidian.com/ico/ 3 KB
4 KB 534ms
531ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/jingdian.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 2dcc7d9797069e986e78df75fc060954c5f5f0234f5f1a45e5c0f722e97417e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:56 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3300

GET
H2 200 zhuanhuan.png
x.pocidian.com/ico/ 1 KB
2 KB 534ms
532ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/zhuanhuan.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 308eb4a9539c32e950fbf57e78f6befbcf95994d62baa7662d2c5da453fd00bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:48:13 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1229

GET
H2 200 chima.png
x.pocidian.com/ico/ 3 KB
3 KB 535ms
533ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/chima.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: f3d519c68596fd187897c5b5753729795b469fdfc91649d9cc4d1abe709a322b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:16 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3071

GET
H2 200 qinshu.png
x.pocidian.com/ico/ 3 KB
4 KB 539ms
538ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/qinshu.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 8874b28d64ee24a4b63c56bc88e86dc7819539ebff1c48266f7167246ac848b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:24 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3274

GET
H2 200 bankcard.png
x.pocidian.com/ico/ 2 KB
2 KB 796ms
794ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/bankcard.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: ee5538ffe2919a4a23493a4bb0ab0e6ffa2bc46ee7d05c6b07e19a40b0e3a967

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:04 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1668

GET
H2 200 book.png
x.pocidian.com/ico/ 2 KB
3 KB 796ms
795ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/book.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 578c6b5d8c68e0369bed833e342d28d8729a16732e0c82552ce2518372ef6c87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:09 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2165

GET
H2 200 movie.png
x.pocidian.com/ico/ 2 KB
3 KB 797ms
796ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/movie.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 9e19d95ec4343dbe37cd6c5ec4f3b679ed0cfe0f3b9b3f45c76e477a39fb12f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:16 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2514

GET
H2 200 guji.png
x.pocidian.com/ico/ 5 KB
5 KB 797ms
796ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/guji.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 8858e2ce3a69c11085cb405d611e9f4060912e6f88cb33ed5cd97f593ce3158d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:41 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 4783

GET
H2 200 bank.png
x.pocidian.com/ico/ 3 KB
3 KB 798ms
797ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/bank.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 07e7d904102422650eb36e12a2d9b397850b4ae7dd75ac9ffbc6877723a0720c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:03 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2802

GET
H2 200 junshi.png
x.pocidian.com/ico/ 3 KB
4 KB 798ms
798ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/junshi.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: e16a0b0504943fdc2c34bf71e32dd3693ca3300bf6f7ded118f1f804734400eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:02 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3299

GET
H2 200 wuqi.png
x.pocidian.com/ico/ 4 KB
5 KB 799ms
799ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/wuqi.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 0bbf42ef6b2a6a6ed10af0a0aad1bc6163d558dbaddd8e6c829b5f2bca0b615f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:57 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 4291

GET
H2 200 gupiao.png
x.pocidian.com/ico/ 3 KB
4 KB 800ms
799ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/gupiao.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 17dafee7acfa051d755c14ed0763837e696a275021a403e54b6edc6d8461bbd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:42 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3474

GET
H2 200 painting.png
x.pocidian.com/ico/ 4 KB
4 KB 800ms
800ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/painting.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 7d91408ef5f6e72833fb9bd33111e7d29cc93c574bdf7aee0d8314905e5ac755

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:20 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3634

GET
H2 200 gonglv.png
x.pocidian.com/ico/ 2 KB
2 KB 800ms
800ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/gonglv.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: bbacf6ace286ee85ddb58236917c9671000b9efee190553fca714aab0383f720

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:38 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1669

GET
H2 200 cihai.png
x.pocidian.com/ico/ 3 KB
3 KB 801ms
800ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/cihai.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 9ea4e350f6aad6142ea33ecf3adb8a8bee51998d0b57d7043b292356ebc56eff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:46:17 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 3057

GET
H2 200 secure.png
x.pocidian.com/ico/ 3 KB
3 KB 802ms
801ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/ico/secure.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 1b5e1b379db91c52a8351f410d926f0d704c776d28abd9cdbe219b1b621830b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 07:47:32 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2462

GET
H2 200 qq.js Show response
x.pocidian.com/qq/ 1 KB
1022 B 802ms
802ms Script
application/x-javascript 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.pocidian.com/qq/qq.js
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 94ed5891f450c95bd97613b733a2557cf1bc5c728dab2172a947b099d82a0533

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 14:39:30 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 561

GET
H3 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame F2F3 9 KB
4 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=8906927933&adk=2857589783&adf=2493360191&pi=t.ma~as.8906927933&w=728&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=728x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927338&bpp=12&bdt=10220&idt=12&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=usZE2GbuGQ&p=https%3A//daxie.supfree.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 00:22:42 GMT

GET
H3 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame F2F3 11 KB
5 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 19:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 19:44:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F2F3 14 KB
1 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 05:41:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 06:55:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F2F3 2 KB
892 B 26ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 12:54:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame F2F3 23 KB
9 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 12:54:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F2F3 3 KB
1 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F2F3 20 KB
8 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F2F3 0
0 43ms
41ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5WrWoARmQEt0L0tSWY4vl5P-2E6vBUGfsOWibQEHOhbTcmwJRBs_Lr6LtFLDWttjgxFf-NLBkqQgrHTFCjoLcLO6Unw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=8906927933&adk=2857589783&adf=2493360191&pi=t.ma~as.8906927933&w=728&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=728x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927338&bpp=12&bdt=10220&idt=12&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=usZE2GbuGQ&p=https%3A//daxie.supfree.net&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2F3 187 KB
59 KB 44ms
42ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:27 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame F2F3 35 KB
14 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 03:13:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E853 1 KB
643 B 31ms
30ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:29:42 GMT
etag: 48472445140208031
expires: Mon, 16 Oct 2023 06:29:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F2F3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c10bcb63cd63de5e3e32242ed44ff5b1be3a207f6ba1ea83b5ec1656f2b7996

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F2F3 33 KB
34 KB 85ms
25ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 167725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 08:20:03 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E853 35 B
464 B 130ms
33ms Image
image/gif 2620:116:800b:21:f059:4f7e:28a9:1588
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOouTaMZHgM8kT2rNV8cnc0&google_cver=1&google_push=AXcoOmQ8jV5UEFTKz7LJxggM-G4ugy4-JP9xRviCJ8EXq5YlQOJBwxJz6OBHu5JdK-S91bpC3b7zJuTjwxSeaRMDuS6QwNl_l0UptDOi9P1vYywMEY00Sb-iIQakxFwvoK_PUgQK7Lj2bwNs7tfQbPi7ha_wyQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E853
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEPzX0LnP3gDMnS2yz_Mk1N8&google_cver=1&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6...
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93N...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z...

170 B
188 B

42ms
42ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z3YYK3QLFyRMwk-N5DLrQZXmn3_qQdsz2-EWXJw&google_cver=1&google_gid=CAESEPzX0LnP3gDMnS2yz_Mk1N8&google_hm=UTc1MDYzOTMyODEyNzI4OTgzMjI=

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 15 Oct 2023 06:55:28 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGLpg6A08d-YIFQqiSbjPxAq-Wqoj6mq_HMjK29C6QaHHdfUWWEobWrML0sz93NIqkrXqJvwUnBw-2v24zkCmlEY75e5uyceu6zrN6YaMYe4oKHC-Z3YYK3QLFyRMwk-N5DLrQZXmn3_qQdsz2-EWXJw&google_cver=1&google_gid=CAESEPzX0LnP3gDMnS2yz_Mk1N8&google_hm=UTc1MDYzOTMyODEyNzI4OTgzMjI=
Content-Type: text/html
Cache-Control: max-age=79337
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E853
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPSE_nX6PNRsctsGdFcC3mg&google_cver=1&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A6yaPkSJRo8iMeWOWUOI7w&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqmDv3o36-8FyczepF...

170 B
188 B

43ms
42ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A6yaPkSJRo8iMeWOWUOI7w&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqmDv3o36-8FyczepFQXjUlon-5uYLFxIO0b1oeoyhetAyw3qUFYFEIuTxAo1_kOEBgFUnYKg

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 15 Oct 2023 06:55:28 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A6yaPkSJRo8iMeWOWUOI7w&google_push=AXcoOmRBl8HGBn07WaZm9FkdYKVORlwZQ03CSnfaGXnviFhhgjqhHmgthjZgk6vnmDp51sHYKcMC07FFQhWB5eqmDv3o36-8FyczepFQXjUlon-5uYLFxIO0b1oeoyhetAyw3qUFYFEIuTxAo1_kOEBgFUnYKg
x-host: tde-deliveryengine-production-69fbf984b9-9cs2k
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E853
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJvqxN1qlxbRn5cSG0AFBnk&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1itwr_0jTi4HvUUOF0XWjdQGnDsaJQm84OE...

170 B
329 B

43ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1itwr_0jTi4HvUUOF0XWjdQGnDsaJQm84OE0Sm1Zs_C8ntTqPzXIYt_TxcYb9Po2o&google_hm=MTA1OTU0OTIxODg2MjM0MzgxNDI

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmTjlLMlvNDPCxFgpTuldsyX02wLWmVs7aZrojQbva9qht1IuRfR0G3dFXu0GVkz4tjqEjhNsxsSLZxPPOy8s8BJ-o1itwr_0jTi4HvUUOF0XWjdQGnDsaJQm84OE0Sm1Zs_C8ntTqPzXIYt_TxcYb9Po2o&google_hm=MTA1OTU0OTIxODg2MjM0MzgxNDI
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame E853 43 B
297 B 212ms
29ms Image
image/gif 2600:1f18:445b:901:b8e3:e6a9:15ac:1d69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOv8O2py4MniRScnMCbNLiY&google_cver=1&google_push=AXcoOmTRXbC_xuDwPkXttWwUTgWOQG7r6vDnvLw5iOHQpciy13zgU8H2eLt9v5QEi7hZybQjVhjGcsI-yEeyAd3dktJueHUXufUItAjudJPbV6AGgoBn1QAzuec1dT9y8GW_ffb5PfrzTYIcae9mGkzXcCv1fXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=8906927933&adk=2857589783&adf=2493360191&pi=t.ma~as.8906927933&w=728&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=728x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927338&bpp=12&bdt=10220&idt=12&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=usZE2GbuGQ&p=https%3A//daxie.supfree.net&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:b8e3:e6a9:15ac:1d69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E853
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELC3Xve39sYOh7QfvdF4WRg&google_cver=1&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3f...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3fMLcgU63d8OGgfY9lvsT3YGweaK-tMkpd_8udy6-eSKoSPoRbzKL9QRF_bMIfgWO2tO0ABFOC...

170 B
232 B

42ms
42ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3fMLcgU63d8OGgfY9lvsT3YGweaK-tMkpd_8udy6-eSKoSPoRbzKL9QRF_bMIfgWO2tO0ABFOCIVvFz2UWWNQrrtzu0RE46psbGdFCOX_&google_hm=QlMuNjA2Yi04Nzc4LTQzMGYtYWU1Zg==

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRUS_Kv9e9mqnATKg6FNNC5p2jlKNh4dLrigYm9VrotGLIhOlf3fMLcgU63d8OGgfY9lvsT3YGweaK-tMkpd_8udy6-eSKoSPoRbzKL9QRF_bMIfgWO2tO0ABFOCIVvFz2UWWNQrrtzu0RE46psbGdFCOX_&google_hm=QlMuNjA2Yi04Nzc4LTQzMGYtYWU1Zg==
Date: Sun, 15 Oct 2023 06:55:28 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E853
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOMFQf0ede3jLeU5NWnQ9sQ&google_cver=1&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aM...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aMjLZvDQEMP3pLnm5gTRxklWaHI4qw...

170 B
232 B

43ms
42ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aMjLZvDQEMP3pLnm5gTRxklWaHI4qwSMVZCib5lkqE3j18fSNbv7CobZRF4t1161Q&google_hm=f85ea035fc4b278f1iuzmj00lnr43xb4

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTfoKM9QiwqSJ0KgI0V16kmH8UGoDiltUXmAPj4NZEZZPBlttmnMDvylwuhhJwe74AsQRbHr1JgN_5xuorwApUlp26aMjLZvDQEMP3pLnm5gTRxklWaHI4qwSMVZCib5lkqE3j18fSNbv7CobZRF4t1161Q&google_hm=f85ea035fc4b278f1iuzmj00lnr43xb4
date: Sun, 15 Oct 2023 06:55:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E853 0
139 B 122ms
44ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRK1TD8bXAQ1YG3GCDzOtNlbLbzx1GJ9EPV5jQjpZVInwK44FokpwNz3h22VlOwVHy7lfrTk8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame EE06 3 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame EE06 20 KB
8 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 00:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 00:22:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EE06 0
0 43ms
42ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYh6lyScXJeOQuVZu6YGqV-nkg7t8O5cVigG92LelkRGFZbbDzg7PNafBRklLiZmqo0jVh9IsRLsylmBcdl6WFLNVauA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE06 187 KB
59 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 06:55:28 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 0FCA 116 KB
42 KB 52ms
50ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM3wAMIwkFKNWHAAGde41CedJiHCH-oES6iQ&u=%7CZT0BpIPuqbk3UoQoL0K4C%2B69AEM7pPN0liNcHuwqg5U%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cF6cPJCBc3U80vn7lpjJv8dzpaJNIL0FOgj_96bofZAs_ytAgi42EyEUigjRW-MfQb-UDWiko1gzqnep1d6TGoPtALEQ6aK6TXhrz5s8hGYr7_zh34JxQntTFGElxUIMhMFBsUi6u61hPMvTcfxDKq9KUiTkp_iAyqot-dFqZLYwpHOHK1hAuJHoafLYlHHbAUqx50-o931m2Xeka-ZwQMpd6XmAHa83wIdECvmwxmKjla_7no3gzWtvac_RRuo_NGltr_B2-J35J9j9VCIwp0FvndY3tKsTQBGjQPrzgzJVVoSthZheQk3A2u1BroqdmTGwa3BGEUPI4g5v1Dy-cYpSpVOcE_8jYAy3P1VL77CjYX45tuURHMJjE8qMB8abRCdqWawgyTMeX5Y8e5xw5mYV8vMr2g4C8elESSSSq-WhQO_Wl4A3ndVjcuxJ92EERJJtrpBGipEUAn2gKdVHkVw0iVWawHqkQuES3U2G7UEpLBzfeV0n-kctKdEZ4E458gcDA084-ovqroF5aWqJvHUN8_7Kd7bG_QMBRc8BPoqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvt534wrZYnGMIero9kP-7qGuAScge-wXLLtt52dAcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTMxMTg5MzMxODk1MjY0NDPIAQmoAwHIAwKqBM8BT9CAMI8gAuWCT5gMemJDj6U8BBUwooXUL7OeHSgOcsWgRncim7Sryfw8OcuOooX7lSBxWVa4dmKIkFwebs_0IvolY2QIfjF_iTGb-WmER7IlpDtW39VbO0Femom2ajQDWKHPlTx6mqv3cGqBt17Q-okcnsNQ_HdzxZYLlzsf2Flvgx7oMBCzKFG2KG-k7rHkvSlCExxnkVTWo8mQ60ULccSzfHIacDMm2LOEHsEKbaRKAHazw_ktskX3YLExPg-EpCjymu3oCvPcQWQndBOAgAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qfbtaPqBS2UoLij954QUUDnIq5A%26client%3Dca-pub-3118933189526443%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2a06178605fc7fd69d26e76c46498a2d3fe2ddf14eb5dc5ff1a0e1a58ca8d008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=WJbcQh5Vh_gObRi1wJ1XBAbEPdVKa5ozKlpJlKol-qgN6XDOkNACa4Mut8SKWP4S---DTnOw8tuFE3YZ1pYjY4tYXEnP3A5oeCYRDoQIdnSVv4PdhILWex7l-NoJ8YLzdcpfFZs5Ck9QrAgKFC7CMirJe5dEaYCm7JpiOscqd5OQ85s9sNVB5CLzil3K93itVBQT9_trLlh4GDx4ogj5iXhYKOzm68dyB4wIb5Y2TFOutcHvD0eMbHbwJZnGzXXveMUCgA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 17895030
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 40F3 1 KB
643 B 30ms
28ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:29:42 GMT
etag: 48472445140208031
expires: Mon, 16 Oct 2023 06:29:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE06 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 685fe1823c66973c11be8d1f0c7194caf0b3608e1c383bc427572f44614a31d4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F2F3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-IWa34wrZemcGKKqo9kP6a-o8AbYq9aXcLa-3qbvD2QQASDo_c4DYMnujovApIwQoAGtlprZA8gBAagDAcgDywSqBNIBT9C2CrndaJrPf_pJZ2keH4nMGeuOy9Z7Z59iyDWskSrrcMex8vh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77d3664026e3cd5d0000000000000000%22,%222%22:%220x5139109c054148320000000000000000%22,%223%22:%220xf3ecc1...

0
0

107ms
52ms

Fetch
text/css

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x77d3664026e3cd5d0000000000000000%22,%222%22:%220x5139109c054148320000000000000000%22,%223%22:%220xf3ecc124f830a3780000000000000000%22,%224%22:%220xe3d91572229169200000000000000000%22,%225%22:%220x4c20b884f9c6f800000000000000000%22},%22debug_key%22:%226545069659328464044%22,%22debug_reporting%22:true,%22destination%22:%22https://acrobiosystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992381741%22],%224%22:[%2210-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218246517797458025009%22}&andc=true

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x77d3664026e3cd5d0000000000000000","2":"0x5139109c054148320000000000000000","3":"0xf3ecc124f830a3780000000000000000","4":"0xe3d91572229169200000000000000000","5":"0x4c20b884f9c6f800000000000000000"},"debug_key":"6545069659328464044","debug_reporting":true,"destination":"https://acrobiosystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992381741"],"4":["10-15"],"6":["true"]},"priority":"500","source_event_id":"18246517797458025009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Oct 2023 06:55:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 15 Oct 2023 06:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x77d3664026e3cd5d0000000000000000","2":"0x5139109c054148320000000000000000","3":"0xf3ecc124f830a3780000000000000000","4":"0xe3d91572229169200000000000000000","5":"0x4c20b884f9c6f800000000000000000"},"debug_key":"6545069659328464044","debug_reporting":true,"destination":"https://acrobiosystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992381741"],"4":["10-15"],"6":["true"]},"priority":"500","source_event_id":"18246517797458025009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 450E 37 KB
14 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:48:39 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0FCA 2 KB
1 KB 31ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZSuM3wAMIwkFKNWHAAGde41CedJiHCH-oES6iQ&u=%7CZT0BpIPuqbk3UoQoL0K4C%2B69AEM7pPN0liNcHuwqg5U%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cF6cPJCBc3U80vn7lpjJv8dzpaJNIL0FOgj_96bofZAs_ytAgi42EyEUigjRW-MfQb-UDWiko1gzqnep1d6TGoPtALEQ6aK6TXhrz5s8hGYr7_zh34JxQntTFGElxUIMhMFBsUi6u61hPMvTcfxDKq9KUiTkp_iAyqot-dFqZLYwpHOHK1hAuJHoafLYlHHbAUqx50-o931m2Xeka-ZwQMpd6XmAHa83wIdECvmwxmKjla_7no3gzWtvac_RRuo_NGltr_B2-J35J9j9VCIwp0FvndY3tKsTQBGjQPrzgzJVVoSthZheQk3A2u1BroqdmTGwa3BGEUPI4g5v1Dy-cYpSpVOcE_8jYAy3P1VL77CjYX45tuURHMJjE8qMB8abRCdqWawgyTMeX5Y8e5xw5mYV8vMr2g4C8elESSSSq-WhQO_Wl4A3ndVjcuxJ92EERJJtrpBGipEUAn2gKdVHkVw0iVWawHqkQuES3U2G7UEpLBzfeV0n-kctKdEZ4E458gcDA084-ovqroF5aWqJvHUN8_7Kd7bG_QMBRc8BPoqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvt534wrZYnGMIero9kP-7qGuAScge-wXLLtt52dAcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTMxMTg5MzMxODk1MjY0NDPIAQmoAwHIAwKqBM8BT9CAMI8gAuWCT5gMemJDj6U8BBUwooXUL7OeHSgOcsWgRncim7Sryfw8OcuOooX7lSBxWVa4dmKIkFwebs_0IvolY2QIfjF_iTGb-WmER7IlpDtW39VbO0Femom2ajQDWKHPlTx6mqv3cGqBt17Q-okcnsNQ_HdzxZYLlzsf2Flvgx7oMBCzKFG2KG-k7rHkvSlCExxnkVTWo8mQ60ULccSzfHIacDMm2LOEHsEKbaRKAHazw_ktskX3YLExPg-EpCjymu3oCvPcQWQndBOAgAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qfbtaPqBS2UoLij954QUUDnIq5A%26client%3Dca-pub-3118933189526443%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0FCA 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0FCA 308 B
636 B 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0FCA 293 B
621 B 29ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 0FCA 43 B
347 B 30ms
30ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=QWCRDlSAAgxVRHLviWMrqE8N9pktJrf46Rf8Bq_Z0v2CKq2Qvv-jh5l-TXIP1dhOO2CNFXbNiUrauOC4kjLLTg4XByvGL4g1Gx9j5Adxogffi_ZGdRnjIERlCal_J4xZ68SM435QsbMzoxU_sKI6hsdcaX16NlVDOy_xYf0Uijzd7878ytnvFZt0OPiIDc-v65svX0rP9ctaULHsR2hYCNx8ybMkpqCWZIVl_FmiTQ3eOarEVbRg0Q5OOMP0tw1L6SEojYJOvpkOBCW9viNSOBFM6OG4DoB-lJ6Yam7kTiaPuZAlzVDQpW8b-gWDXnG5r_e1pUYvwHAEZRVICb9biItrcW4hI_NieBwjYGXJoz-V1MpPYr-UJ6551UHub4JjAW6tMXMhZEyvtd-1ejMZ85zusQT1Gx827pEh_gzdooDgPDWP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1539721
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_cver=1&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fc...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1cf022236c480693&is_secure=true&networkId=14000&version=1&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_cver=1&google_push=AXcoOmSI08SU...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACBgLvSoV8jQMLemMeAAAAAAA&expiration=1697439328&google_cver=1&is_secure=true&google_gid=CAESEPWwSyD6saKStRTVCvv1K...

170 B
188 B

42ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACBgLvSoV8jQMLemMeAAAAAAA&expiration=1697439328&google_cver=1&is_secure=true&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fcTUdzu7zEOhyd7h8UgjEz4p9wPVIjDb8-aDw6smhEQQNwrpaSpYIEYnwRyT-hnzoVmUnThzMerWDDgZsVK2QQ4Y1e3Qa79AE5AjLk1JNA

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACBgLvSoV8jQMLemMeAAAAAAA&expiration=1697439328&google_cver=1&is_secure=true&google_gid=CAESEPWwSyD6saKStRTVCvv1Koc&google_push=AXcoOmSI08SUmfCPLXvX71aKmGVkL1RZcvE9jk5sW3ymqNx-EBUC2fcTUdzu7zEOhyd7h8UgjEz4p9wPVIjDb8-aDw6smhEQQNwrpaSpYIEYnwRyT-hnzoVmUnThzMerWDDgZsVK2QQ4Y1e3Qa79AE5AjLk1JNA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIFU3PMC_Na9uvFAZs5hSbw&google_cver=1&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJp...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJpMM31XM3KvktFbPhnMn4kDynkl0HfAj-...

170 B
188 B

44ms
44ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJpMM31XM3KvktFbPhnMn4kDynkl0HfAj-k0BstPvkIoPgWXnYgQ_o-qi8urA&google_hm=Q0FFU0VJRlUzUE1DX05hOXV2RkFaczVoU2J3

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:27 GMT
via: 1.1 6bee7b982f10ef7095c00bdf38581dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQvJiCklaWk2ygb7hNZposjZ3qfe81PBswm39nm3sOHKJSSlZUMvCy6i_nH8Y8t4X5Jp6XiWKG6llE18wOogecaW073IohJpMM31XM3KvktFbPhnMn4kDynkl0HfAj-k0BstPvkIoPgWXnYgQ_o-qi8urA&google_hm=Q0FFU0VJRlUzUE1DX05hOXV2RkFaczVoU2J3
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: DD3R8xXFrty9VV1JdmKs5jjB0AoUN-GejdhSJ-V8FyVbtJvlGoDLtQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQGJmQ3aUfQr1Tgapq71GSxzwifvd8Q406vW0j0b-72rq_RWyhZEmi6RbhGBEIlt-MxtUI7cPYDlF6-_wNvVGG9PhywE4BhaIPGeWiqod9ZsDteh6qx6fTw-yN4x34vWJSPNyTvAbP...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOCZrqkGEgUI6AcQAEIASqsBZ29vZ2xlX3B1c2g9QVhjb09tUUdKbVEzYVVmUXIxVGdhcHE3MUdTeHp3aWZ2ZDhRNDA2dlcwajBiLTcycnFfUld5aFpFbWk2UmJoR0JFSWx0LU14dFVJN2NQWURsRjYtX3...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwanFpYkEwRU9HQzRHSHpoQjFWSWlUZWExcHFiUGlxRzlGZlp0RjFWazVvcw==&google_push

170 B
188 B

44ms
43ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwanFpYkEwRU9HQzRHSHpoQjFWSWlUZWExcHFiUGlxRzlGZlp0RjFWazVvcw==&google_push

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 15 Oct 2023 06:55:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwanFpYkEwRU9HQzRHSHpoQjFWSWlUZWExcHFiUGlxRzlGZlp0RjFWazVvcw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDVkBBJRTH5W20Jv5uLDDvA&google_cver=1&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8U...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDVkBBJRTH5W20Jv5uLDDvA&google_cver=1&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8f9837b3-fd6f-4094-96c9-cce6d268ed2f&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw...

170 B
188 B

42ms
42ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw6hTSnhMbYGbkxBfP7IXWJ7rzU&google_hm=drcty0mhRRKSzOGPJWW55g==

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQg5fVWM8jmXiKibb9h0qaUpZYazT013_HgboLyTWidfHrg7Xi8BQ970K0Z4EoKojCiSGycsndK46-dft0scm8UVVttMv4BKKWzucHGDMWGpC2J-8VI2_pM4m8-TVeVPw6hTSnhMbYGbkxBfP7IXWJ7rzU&google_hm=drcty0mhRRKSzOGPJWW55g==
Date: Sun, 15 Oct 2023 06:55:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 503
Service Unavailable: Back-end server is at capacity r.gif
sync.extend.tv/ Frame 40F3 0
111 B 329ms
42ms Image
text/plain 54.174.245.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESENoSc9EKjWaItwK1RolBl0M&google_cver=1&google_push=AXcoOmR80zBsSOyma2_IywQE_go52gXL7kOSYmhtLbHHr9KQIHGcsDgyaqMPugkiOPMCXiN1IxK8-wnClvvkPf0GxRj5aZpMwtbSWDmMS-GeqhMlag6c5KCvkTn2aU1D0qNn1LeAnRFGzkVa3OtO5rLgKJXumQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.245.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-245-129.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEE9D9U3-jsa-TgHu3l6Q8q0&google_cver=1&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEE9D9U3-jsa-TgHu3l6Q8q0%26google_cver%3D1%26google_push%3DAXcoOmRH1TfYfggS_gQqwZ...
https://rtb2-useast.e-volution.ai/sync?adkuid=A7205084461719632904&exchange=193&google_gid=CAESEE9D9U3-jsa-TgHu3l6Q8q0&google_cver=1&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoq...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTcyMDUwODQ0NjE3MTk2MzI5MDQ&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn...

170 B
188 B

44ms
43ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTcyMDUwODQ0NjE3MTk2MzI5MDQ&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z

Requested by

Host: daxie.supfree.net
URL: https://daxie.supfree.net/

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTcyMDUwODQ0NjE3MTk2MzI5MDQ&google_push=AXcoOmRH1TfYfggS_gQqwZHo5uW7CiyV9bKMVFsov3AHBodPcjoqezS9bc0j1-A_d4qzB9TVokhUQJn6TCZ-tBrNuOTC9C3wToP49FxIvIq6hMNmDuO1fZSa_OzUB5-IP-C7xsqezG-2wuXpMEPWassvW8IDam2Z
Date: Sun, 15 Oct 2023 06:55:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40F3
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMSbLY41t-fR_P2LC19cwoM&google_cver=1&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBq...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBqkBVWXkJD5Dt_5xUVKzNIdy5WHxTA0dd1w430DppqKUc8mKSz...

170 B
188 B

41ms
41ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBqkBVWXkJD5Dt_5xUVKzNIdy5WHxTA0dd1w430DppqKUc8mKSzB8UDxBey7acepmvloC7YeOwcfBYlzeky3ciZ-Tgs7Rkg0&google_hm=yPfccH3nTga3BJcVpBigMCM

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRZAEcmFMTQR7kca_7w3ZxlLcJydYie5E4quKr7NYpJdccxhadtZXzAapZTBqkBVWXkJD5Dt_5xUVKzNIdy5WHxTA0dd1w430DppqKUc8mKSzB8UDxBey7acepmvloC7YeOwcfBYlzeky3ciZ-Tgs7Rkg0&google_hm=yPfccH3nTga3BJcVpBigMCM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 40F3 0
12 B 41ms
40ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWt3aKxiGZ5LNV1HUjbar4vdTFnr_twbJWPriSkUNdJKqifpmEo-BrvbVOz27lawk83xlAFFc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0FCA 12 KB
6 KB 34ms
32ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 0FCA 112 KB
112 KB 48ms
47ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?m=0&partner=102266&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102266%2F4793739%2Fb8723993ca674b63abc22a1467ef0f0c_407.jpg&v=3&rid=4&s=Azsj2nIrRy40LCg0iUIhuHaR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

502c7ffb2ceff956562a053c74e5d1df4b0772450c0beb43559fb80e0e15405f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 114374
expires: Sat, 14 Sep 2024 16:45:05 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 0FCA 18 KB
18 KB 32ms
32ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=158&m=0&partner=102266&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102266%2F4793739%2F1371674528fd4403ab35a736b15beaac_logo_-_boston_brain_science.png&v=3&w=664&rid=4&s=NpsCQJ3gMzSaE0hB1htw3e03

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4716fe05c885d79f7ac20de5948a7f3829172c0bdd8f7ceaf9f9e1776303f942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18038
expires: Fri, 30 Aug 2024 01:36:11 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 0FCA 0
127 B 28ms
28ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=WJbcQh5Vh_gObRi1wJ1XBAbEPdVKa5ozKlpJlKol-qgN6XDOkNACa4Mut8SKWP4S---DTnOw8tuFE3YZ1pYjY4tYXEnP3A5oeCYRDoQIdnSVv4PdhILWex7l-NoJ8YLzdcpfFZs5Ck9QrAgKFC7CMirJe5dEaYCm7JpiOscqd5OQ85s9sNVB5CLzil3K93itVBQT9_trLlh4GDx4ogj5iXhYKOzm68dyB4wIb5Y2TFOutcHvD0eMbHbwJZnGzXXveMUCgA&sds=2&rev=88837&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0FCA 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0FCA 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:55:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 129ms
51ms Preflight
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 06:55:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE06 0
19 B 62ms
61ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz7z_34wrZYnGMIero9kP-7qGuAScge-wXLLtt52dAcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTMxMTg5MzMxODk1MjY0NDPIAQmoAwHIAwKqBMwBT9CAMI8gAuWCT5gMemJDj6U8BBUwooXUL7OeHSgOcsWgRncim7Sryfw8OcuOooX7lSBxWVa4dmKIkFwebs_0IvolY2QIfjF_iTGb-WmER7IlpDtW39VbO0Femom2ajQDWKHPlTx6mqv3cGqBt17Q-okcnsNQ_HdzxZYLlzsf2Flvgx7oMBCzKFG2KG-k7rHkvSlCExxnkVTWo8mQ60ULccSzfHIacDNk2pMW2HzhFy2hP6I_-h6JA0rfaZ8p-pR33qE7JPPEEnIY1V3AgAaT5fKutKKC5iqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMxMTg5MzMxODk1MjY0NDMYAA&sigh=DBSCght6lV8&uach_m=[UACH]&cid=CAQSPADICaaN1Oj49UTl1Xe_gTtYi3ULUVMmP1zxdu2_xoGsAsWSvbWVnOcrox1v2V1sUCL98GgOXCjxnPS0LRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3118933189526443&output=html&h=280&slotname=1529490354&adk=3857380178&adf=690523360&pi=t.ma~as.1529490354&w=680&fwrn=4&fwrnh=100&lmt=1697388927&rafmt=1&format=680x280&url=https%3A%2F%2Fdaxie.supfree.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697352927749&bpp=1&bdt=10631&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6b56f9cbb283389%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og&gpic=UID%3D00000d99bea80d45%3AT%3D1697352923%3ART%3D1697352923%3AS%3DALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg&prev_fmts=0x0%2C1600x1200%2C1005x124%2C728x280&nras=3&correlator=1386379884913&frm=20&pv=1&ga_vid=1133477451.1697352923&ga_sid=1697352923&ga_hid=2044373577&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=340&ady=2568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44795922%2C44805099%2C44800658&oid=2&psts=AOrYGsnMOe7RJK3X4CzX_K3gv4hpdqklT6exgq1VY-0tLYsalhs0lJy5bp_2QaC0_IWL4uWgKDBP4VGS2teefoyGeEHTe674M1JHYbgmEfI&pvsid=685338157201605&tmod=476916456&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JYaFM3wWy1&p=https%3A//daxie.supfree.net&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 15 Oct 2023 06:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame EE06 0
125 B 43ms
43ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kPnAF836RKgFmALiIp0XAgAAADpAuYjRTNF-EN-MK2WlGnl12sSRrBLEAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZSuM3wAMIwkFKNWHAAGde41CedJiHCH-oES6iQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:27 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 143910
server: Kestrel
content-length: 0

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 2169ms
35ms Script
application/javascript 47.246.22.180
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js?id=CBCTph0KwfR9TQ9b&ck=CBCTph0KwfR9TQ9b
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.22.180 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 11:58:23 GMT
via: cache34.l2us1[0,18,304-0,H], cache28.l2us1[19,0], cache1.us13[0,0,200-0,H], cache2.us13[2,0]
content-encoding: gzip
x-oss-request-id: 65195EDF81477F3538A173D8
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 1191426
x-swift-cachetime: 1216604
x-cache: HIT TCP_HIT dirn:10:136859671
x-oss-cdn-auth: success
x-swift-savetime: Mon, 02 Oct 2023 10:01:40 GMT
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
etag: W/"24BB520E9517F2ED3ED987B46AEAF723"
vary: Accept-Encoding
ali-swift-global-savetime: 1696161504
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: 2ff6169616973529307302592e
x-oss-server-time: 3

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B6D 42 B
174 B 49ms
48ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5uZ66UQuN4cIuaSWrgHVuaOrHzwNBeUeQ6A-7w7ujfpPIOR5VtBHMdsnW9IhSMkHKiBV5SSw_szBI_efyJ63GjMcXsZ3qNIrd__I&sig=Cg0ArKJSzNI0pudETGvCEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,755,1000,1115,1284&tos=83,672,245,115,169&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697352923612&rpt=280&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D408 0
127 B 31ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 15 Oct 2023 06:55:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2F3 42 B
64 B 55ms
55ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmTn0potBnn4Xz3EYmaXsv8BOtc6berc8Zrv_rVL6ymCZod9ITI9TGT7uAcupI4Ozar3obJ2tPkGcNrVKwxXVnQVuOPTIARB46ei3QdMAepUvRzy00sqBe-f1sMlMSOvJ5P0fJunXdyg&sai=AMfl-YQJPsOCdN2pmoVX29DH29nyuo2umhP6AvnOhUtAwMmbIkiSGW3B7TRHJARvws4J6FxTCRqy00VLeonIelt6qyh34mlGDLS9xDWWxKW8I7RdeAW5uMGZ2kHReuQh&sig=Cg0ArKJSzMgm_FpxysKYEAE&cid=CAQSPADICaaNzPq7h-Cu4-FfztkUY2TnWZyHdOjSlP5gXusvWYTNMLB1Q4lvwXANg1p98cLzR_0-M1obx8k-uhgB&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2857589783&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697352927356&rpt=752&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 06:55:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
517 B 1104ms
344ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js?id=CBCTph0KwfR9TQ9b&ck=CBCTph0KwfR9TQ9b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://daxie.supfree.net
Date: Sun, 15 Oct 2023 06:55:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 qq.png
x.pocidian.com/qq/ 2 KB
2 KB 268ms
267ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/qq/qq.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: daa8642235fa79009c7914210e1a0ab242ac1e0dda17af4c600d1ba95720dc08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:30 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 14:36:58 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1650

GET
H2 200 qq-icon-bg.png
x.pocidian.com/qq/ 1 KB
2 KB 268ms
267ms Image
image/png 180.76.110.142
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.pocidian.com/qq/qq-icon-bg.png
Requested by: Host: daxie.supfree.net
URL: https://daxie.supfree.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.76.110.142 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 744e4df31f0d2a813b615ff8889f6b8836f619c804babb251382178e3b7c393c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:30 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 14:36:58 GMT
server: kangle/3.5
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: HIT from kangle web server
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1232

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f46f153a7bfac56175bce3a1e8c9ce6fcc71934bdab5a77140563cb37d2601b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12310
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 06:55:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5355 13 KB
5 KB 26ms
24ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 05:04:31 GMT
expires: Mon, 14 Oct 2024 05:04:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44C7 829 B
561 B 45ms
44ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

592c264457f67af2579aa2dcb88a2581e7ae3fed4a55ea79aa0888efeba0be78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fFxyPDfWL1Qq0vT_Sz29lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://daxie.supfree.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fFxyPDfWL1Qq0vT_Sz29lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 06:55:31 GMT
expires: Sun, 15 Oct 2023 06:55:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5355 37 KB
14 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 05:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Oct 2024 05:55:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44C7 0
0 45ms
44ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=685338157201605&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5355 0
10 B 25ms
25ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZfYpJQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:55:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=685338157201605&bg=!CQqlCkXNAAbFpEfJ5aQ7ADQBe5WfOJgqyDkHwzDXW2GW9WBW9ZIN8M146i2NjagrUOcgTRd5sbzYbJ0H2kCbhaRp6S4zAgAAAItSAAAAC2gBBwoAWgd_pw4MRLIs4Eq-yphuBevCVEGg3P4yzJJw5BcymyighDCveOBXovsH3huWyBgvZh2AJM9zbh7NVjR9H8NdePlSsI3VmDpzDr1BQn1y0VRDh9dKke2UUOQNVZkC-AAsongEn8_8njvFQYd8GspLsiWkcatv4FP431ikgaI6OLtzsWUozgJQXu2Uu2MgMJR-MEimt5AUeKviju4TrzQzELO9KQjAZPJ_slXzZu_o__VAqOiB2s_qipPc2PcEoyv-SgtA7MaA-w9pvBmtn8bfYokxM6o1HWYMV1mg2YDtYRErWaFbJOfciQg9afHSCmo9oi5ewjAIfm5FIS6vKIzYyZV7muiQEZQh50GMnDv5OBVHABepbwGBwMGfuUsoVVnHPhlBEIhU__YEJQEaJzYaUbJ0emRZ8tbmmxGP3V4jTBwz3l91ggttAU_dG7tAJJg5CLIvW6I6kWoyn3Nw8oP9GzHauLUqIe9GyFZ3tdH1B8XkTQMUEGeiV3oLr-0jgi2sj0zRyYzgqJ_v83h2af5NI2qGRzB3GkHdajnAK6J2mXxDHVMfq3vX6aLZ6oWM2ccCs8CE4xvlHkig8nHaoWkUGxi-x0eMQV2ID6KY2eLTDyiVl49m3tjjs-k-cBhpHkLDSjnDOYtPO04pyB5SaQ3EqH_4WYHi4rw7cz2M4qhO07dbVQZUcuxuLiBNOV8mHat8pTNZS6fsuTKZVTL98u-DW9SM5HYxwaayrv_LDJi4ljAXNWLTJwPf6Sh6eivQI9h22329V4Ftktb03Tl3Up-EMTjCnrs4JN4H07T-2IxRN80bsnxsqsB2d3wnz_kacDnrzzmilPeH6boUUr9fCQ459otQGuDhu8A1fK3_FLYIHK3XapuHzLK6cKeYEH9kkOR-kP3EaU2F8-UuGqTZVtGgucRirRnofScanC01z0TbnV3SA33FHV0zFfEcH4aHHq8s0tYSMqFW2DXIJs34yDGeZ_kVZXdhwd5RLGVKQ_3B5XQuo2LkxCFqjHFPXTeek-s_70d__BgdDeIFC56q4vQGaa5Vfmur9wJa1gGzx6lvHqAIM5el0X-5VWLeEv6jGT3lBs4RZ1Urx_-TWKCfw7aAY-NwlwF6kBn5nAPkwMokQ3_bc5jzVOo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://daxie.supfree.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-21 01:05:12	Name: BAIDUID_BFESS Value: 70F53AC0D06DB120266F2B775C697384:FG=1
.supfree.net/	1970-01-21 00:50:48	Name: __gads Value: ID=c6b56f9cbb283389:T=1697352923:RT=1697352923:S=ALNI_MbO1HHxSYhGLanbsVll_LeIjYn4og
.supfree.net/	1970-01-21 00:50:48	Name: __gpi Value: UID=00000d99bea80d45:T=1697352923:RT=1697352923:S=ALNI_MbAbsKctPlvKXEiE9333kFTZkSrUg
.doubleclick.net/	1970-01-20 15:29:16	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:05:12	Name: IDE Value: AHWqTUmUU2xcsA5AchIKgvKH4eWUAAqgoYreICof17pifIn0tN6nRdE3Ut8ChxMWpQA
.mookie1.com/	1970-01-21 00:58:00	Name: id Value: 10595492188623438142
.mookie1.com/	1970-01-21 00:58:00	Name: mdata Value: 1\|10595492188623438142\|1697352928072
.mookie1.com/	1970-01-21 00:58:00	Name: ov Value: 3c0b002d12ef88c0b4693dc9d2a5f0e9
.owneriq.net/	1970-01-21 01:05:12	Name: si Value: Q7506393281272898322P
.owneriq.net/	1970-01-20 15:43:36	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 15:43:36	Name: gguuid Value: 1
.quantserve.com/	1970-01-20 17:38:48	Name: d Value: ECoBCQGYKoEA
.quantserve.com/	1970-01-21 00:59:27	Name: mc Value: 652b8ce0-16757-2097f-1b91b
.mediago.io/	1970-01-21 00:14:48	Name: __mguid_ Value: f85ea035fc4b278f1iuzmj00lnr43xb4
.innovid.com/	1970-01-20 17:38:48	Name: uuid Value: 8a4e8e7c-1f37-4b84-9562-52f3fbebde8b-20231015 02:55:28
.travelaudience.com/	1970-01-21 01:00:53	Name: _tracker Value: %7B%22UUID%22%3A%2203AC9A3E-4489-468F-2231-E58E594388EF%22%7D
.ctnsnet.com/	1970-01-21 00:14:48	Name: gid_CAESEMSbLY41t-fR_P2LC19cwoM Value: 1
.ctnsnet.com/	1970-01-21 00:14:48	Name: cid_c8f7dc707de74e06b7049715a418a030 Value: 1
.rlcdn.com/	1970-01-21 00:14:48	Name: rlas3 Value: AlJzR9yn1eYQNEcZ8N/RdNSM76KejSkkKWU+p0IkPzM=
.agkn.com/	1970-01-21 00:14:48	Name: ab Value: 0001%3AFraeIhAP80Qb3CzcPnqCPAFfYyLdsDld
.agkn.com/	1970-01-21 00:14:48	Name: u Value: C\|0CEAsvklgLL5JYAAAAAAAAQ13AQCAAQpAAAAAAA
.bidswitch.net/	1970-01-21 00:14:48	Name: tuuid Value: 76b72dcb-49a1-4512-92cc-e18f2565b9e6
.bidswitch.net/	1970-01-21 00:14:48	Name: c Value: 1697352928
.bidswitch.net/	1970-01-21 00:14:48	Name: tuuid_lu Value: 1697352928
.dotomi.com/	1970-01-20 15:29:12	Name: DotomiTest Value: 1cf022236c480693
.rlcdn.com/	1970-01-20 16:55:36	Name: pxrc Value: COCZrqkGEgUI6AcQABIGCOndKhAA
.adkernel.com/	1970-01-20 16:12:24	Name: ADKUID Value: A7205084461719632904
.googleadservices.com/	1970-01-20 17:38:48	Name: ar_debug Value: 1
.e-volution.ai/	1970-01-20 15:49:22	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 16:12:24	Name: ADKUID Value: A7205084461719632904
.sportradarserving.com/	1970-01-21 00:14:48	Name: zuuid Value: 8f9837b3-fd6f-4094-96c9-cce6d268ed2f
.sportradarserving.com/	1970-01-21 00:14:48	Name: c Value: 1697352928
.sportradarserving.com/	1970-01-21 00:14:48	Name: zuuid_lu Value: 1697352928
.sportradarserving.com/	1970-01-21 00:14:48	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 00:14:48	Name: zuuid_k_lu Value: 1697352928
daxie.supfree.net/	1969-12-31 23:59:59	Name: __vtins__CBCTph0KwfR9TQ9b Value: %7B%22sid%22%3A%20%22b84f82af-e4f8-53df-b3e0-e92eb09fab09%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201697354730782%2C%20%22ct%22%3A%201697352930782%7D
daxie.supfree.net/	1970-01-21 01:05:12	Name: __51uvsct__CBCTph0KwfR9TQ9b Value: 1
daxie.supfree.net/	1970-01-21 01:05:12	Name: __51vcke__CBCTph0KwfR9TQ9b Value: daff1277-1932-5b44-bc24-8d9c426dcd48
daxie.supfree.net/	1970-01-21 01:05:12	Name: __51vuft__CBCTph0KwfR9TQ9b Value: 1697352930789

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1(Line 19) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESENoSc9EKjWaItwK1RolBl0M&google_cver=1&google_push=AXcoOmR80zBsSOyma2_IywQE_go52gXL7kOSYmhtLbHHr9KQIHGcsDgyaqMPugkiOPMCXiN1IxK8-wnClvvkPf0GxRj5aZpMwtbSWDmMS-GeqhMlag6c5KCvkTn2aU1D0qNn1LeAnRFGzkVa3OtO5rLgKJXumQ Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ads.travelaudience.com
ads.us.criteo.com
ag.innovid.com
cat.va.us.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
collect-v6.51.la
csm.us.criteo.net
d.agkn.com
daxie.supfree.net
dclk-match.dotomi.com
dsp.adkernel.com
fff1208.supfree.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
im.bluevoox.com
imageproxy.us.criteo.net
img.supfree.net
ius.ctnsnet.com
libs.baidu.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.owneriq.net
rtb.va.us.criteo.com
rtb2-useast.e-volution.ai
sdk.51.la
static.criteo.net
sync.extend.tv
tpc.googlesyndication.com
trace.mediago.io
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.supfree.net
x.bidswitch.net
x.pocidian.com
104.66.251.81
122.114.199.212
142.250.65.226
142.251.40.98
174.137.133.49
180.76.110.142
203.107.86.226
2600:1f18:445b:901:b8e3:e6a9:15ac:1d69
2600:9000:21da:ae00:19:fc2c:a140:93a1
2606:ae80:1471:1b::1720
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:116:800b:21:f059:4f7e:28a9:1588
35.186.193.173
35.190.0.66
35.190.60.146
35.190.90.30
35.208.249.213
35.211.178.172
35.211.233.246
39.156.66.111
47.246.22.180
52.45.175.185
54.174.245.129
74.119.119.147
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
07e7d904102422650eb36e12a2d9b397850b4ae7dd75ac9ffbc6877723a0720c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbf42ef6b2a6a6ed10af0a0aad1bc6163d558dbaddd8e6c829b5f2bca0b615f
0dc294c62409f01a13b7d81e5f9b0c88a5a3ef7ee0e8e46c9ce16fb960f35544
17dafee7acfa051d755c14ed0763837e696a275021a403e54b6edc6d8461bbd1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b5e1b379db91c52a8351f410d926f0d704c776d28abd9cdbe219b1b621830b3
1fbedfbd0d3132630e9932685535ed970f3c855913fcfe143558ebf64c4dcbb3
2a06178605fc7fd69d26e76c46498a2d3fe2ddf14eb5dc5ff1a0e1a58ca8d008
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dcc7d9797069e986e78df75fc060954c5f5f0234f5f1a45e5c0f722e97417e7
2f5fa4a861c77144a7b339a841b4143d7979c72277117eb190f840adeb467925
308eb4a9539c32e950fbf57e78f6befbcf95994d62baa7662d2c5da453fd00bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36a98b7ad796efce6426efe1eebff96692ec7127561039ac5756fd7834c66956
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
42ede0fcde3db993b17d0f152cd97ed7a0779690a0e510cc58ca58ac55f0921d
46ed2dfb732a01dbc80515ce6a48bcb24dea4bcab8522c71868231812000b58d
4716fe05c885d79f7ac20de5948a7f3829172c0bdd8f7ceaf9f9e1776303f942
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502c7ffb2ceff956562a053c74e5d1df4b0772450c0beb43559fb80e0e15405f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578c6b5d8c68e0369bed833e342d28d8729a16732e0c82552ce2518372ef6c87
57dc7d5cd0f432520a0c74dddd8c2ae6cc1a8ab66dba378f0a385f2e9a9851b2
592c264457f67af2579aa2dcb88a2581e7ae3fed4a55ea79aa0888efeba0be78
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dbbfab9448336f44d818728fbacd285619d9af44202aacaadd6717127f4565f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67e87d1ec0c239aaed98fec5e1769e3ef251b2bd11fd354bf125b7b6431005c5
685fe1823c66973c11be8d1f0c7194caf0b3608e1c383bc427572f44614a31d4
6b160728ca22891398d6ba666133291d6c6edc62e1533c7a01a64312751e30b5
6c10bcb63cd63de5e3e32242ed44ff5b1be3a207f6ba1ea83b5ec1656f2b7996
6c86da9e92fba9961e614a799e8f3046ace4c5544a3042708142e49e83e671b1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
744e4df31f0d2a813b615ff8889f6b8836f619c804babb251382178e3b7c393c
751e70f5e7e77ae7b00696f7fd92f59552c18d8db48be62aef1fa401036c5637
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
7d91408ef5f6e72833fb9bd33111e7d29cc93c574bdf7aee0d8314905e5ac755
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892
85637810c965b1c84310695f979e8b647eac32767ff4a121c9afb71128fb3ec6
8858e2ce3a69c11085cb405d611e9f4060912e6f88cb33ed5cd97f593ce3158d
8874b28d64ee24a4b63c56bc88e86dc7819539ebff1c48266f7167246ac848b8
88c64c6d86d603cbd52d9022f52d57ac971869796b5fc839f5a6a51251333509
8b6ca2c109c3ab6e0fd426481a435a12cd36848c8caddf663fbdb5407863348e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
93471998fe7fcc15c31804f0f506177bbb9a100f74085f82f5999150dbad457d
94ed5891f450c95bd97613b733a2557cf1bc5c728dab2172a947b099d82a0533
97d8582beef14852d6f90a9bea709d01c828275851d04eafbdbdc9b352db5715
99dd5fcbb8dcff74ea1144ae951d21e286abe7472e6b94e0b9bf2d185743f617
9a14d1d430d900101ad8b8834c62f05f42831fedd08735604b537c4777fa7aa8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adc2eb337b467dfc00fead6e958b96ea35e09af3a882d6fb9733f1de2ad3d01
9e19d95ec4343dbe37cd6c5ec4f3b679ed0cfe0f3b9b3f45c76e477a39fb12f8
9ea4e350f6aad6142ea33ecf3adb8a8bee51998d0b57d7043b292356ebc56eff
9ffa651fa152c5d27e46825b050a97a861b24ad80792ebd0144fa84883ebfd87
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a7cbb48fbae0e74faad35d030d62a5458a64196bd48938688c1f89ef94e823
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
bbacf6ace286ee85ddb58236917c9671000b9efee190553fca714aab0383f720
cb4f390bd82a9f375b470a6d008a0ea8b61f561971c2a6e120bad3614df49b96
cfa4163c95ebf854c883dd12437d33d241d671aa323fb80a27773718d0167872
d018da9239b60ccbb1045bb7b78d9f4fb292834a5b4e829a250ce08cc901758f
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d7690d5dca09b418fe1b72d13a38da5c71057dfb627b72b1ee5f9e081ccf987f
daa8642235fa79009c7914210e1a0ab242ac1e0dda17af4c600d1ba95720dc08
de0198f37835cbb1e956c27720a54ce3fa1f9e2780ec312b59a515ff6fc4c706
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e16a0b0504943fdc2c34bf71e32dd3693ca3300bf6f7ded118f1f804734400eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4179e81e1492fc70dfdb95eea1a9d0741bf04654b922cbd9a306604d3669e8
ebda3e725e5f7f3290ad7a9e5181bb414d1ae48738a45f8297d476e20b5a1a62
ee5538ffe2919a4a23493a4bb0ab0e6ffa2bc46ee7d05c6b07e19a40b0e3a967
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb06d892293b1ed1a59f10f726abfed843e85dd34311dbcbeae29e8db253fa0
f3d519c68596fd187897c5b5753729795b469fdfc91649d9cc4d1abe709a322b
f46f153a7bfac56175bce3a1e8c9ce6fcc71934bdab5a77140563cb37d2601b8
f81e1d811e807a97b7086c1c6f85c38caabb293ffcca7fdffb34ffba2b296b79

daxie.supfree.net Open in urlscan Pro 122.114.199.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

92 %HTTPS

49 %IPv6

29 Domains

41 Subdomains

26 IPs

2 Countries

1413 kBTransfer

3360 kBSize

39 Cookies

34 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

daxie.supfree.net Open in urlscan Pro
122.114.199.212 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

92 %
HTTPS

49 %
IPv6

29
Domains

41
Subdomains

26
IPs

2
Countries

1413 kB
Transfer

3360 kB
Size

39
Cookies

145 HTTP transactions
3 data transactions