capitalonelocations.com Open in urlscan Pro
50.87.150.218 Public Scan

URL:
http://capitalonelocations.com/
Submission: On May 02 via api (May 2nd 2021, 2:18:50 am UTC) from US

Summary HTTP 58 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 11 domains to perform 58 HTTP transactions. The main IP is 50.87.150.218, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is capitalonelocations.com.

This is the only time capitalonelocations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	50.87.150.218 50.87.150.218	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2002	() ()
5	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
3	2a00:1450:400... 2a00:1450:4001:82f::2002	() ()
10	2a00:1450:400... 2a00:1450:4001:802::2001	() ()
2	2a00:1450:400... 2a00:1450:4001:80f::2006	() ()
4	142.250.185.66 142.250.185.66	() ()
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4216:5e41:f643:f5d9:712d	() ()
2	142.250.186.34 142.250.186.34	() ()
3	2607:f8b0:400... 2607:f8b0:4006:803::2003	15169 (GOOGLE) (GOOGLE)
58	18

2 50.87.150.218 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-150-218.unifiedlayer.com

capitalonelocations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN- ()
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:5e41:f643:f5d9:712d (Ashburn, United States)

ASN- ()

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN- ()
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:803::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	264 KB
14	doubleclick.net 1 redirects googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	90 KB
3	gstatic.com csi.gstatic.com	393 B
3	googletagservices.com www.googletagservices.com	98 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	2mdn.net s0.2mdn.net	68 KB
2	capitalonelocations.com capitalonelocations.com	5 KB
1	tremorhub.com partners.tremorhub.com	183 B
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	268 B
58	11

	Domain	Requested by
18	pagead2.googlesyndication.com	capitalonelocations.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
3	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	capitalonelocations.com www.google-analytics.com
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	s0.2mdn.net	googleads.g.doubleclick.net
2	capitalonelocations.com	capitalonelocations.com
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
58	15

This site contains links to these domains. Also see Links.

Domain
www.capitalonelocations.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://capitalonelocations.com/
Frame ID: 5E540310296C993B3C203C01B057EF65
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: 4B9062D13D85FD63DCDF90B774785EBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&adk=1812271804&adf=3025194257&lmt=1619921912&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcapitalonelocations.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619921911967&bpp=15&bdt=56&idt=57&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3209353369984&rume=1&frm=20&pv=2&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=80
Frame ID: 7EF7E318CCEC123DCAA80AE7D68A3E8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78
Frame ID: CB1C5B29DAE00A0EFCB45FEA183BC1FF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82
Frame ID: A647826DE4C9A084BD341E7B43FD3529
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNUguh-xsADiQLiaqevbvzL18_nlG7PTV5uSQcYWt-5Jcqyval3s-BNrPOHu7o2CJRvNYnaanmI4GOMdgCTDeWQK_V0hj0F9qPUr1yU_YKWwOb2kJr7USaC2ZYL8sK0oYjIp7IDs
Frame ID: 76DD568D711F42290FECF08410C83BB1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6B8BE26F16B92066AB37E74B907E2A6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNWhDpNImRShL7KtXYVyf7iwothqBZHOWONbaY7h-c93PIVRS15qBURN0ywbljFfYpQpqtZbLLUHbMdh1LqbOf5Uih0cLjnbu86uF-hvsCgt6J9G-kk4O9apVa88BUkdTIxz5WAD
Frame ID: F96AA0886CF298DE717C967C96986231
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 183C89B0246F75BFFA502AE6703BD811
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 41CDB2965822A3A76F5EF6DB7D5BF0F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

58
Requests

95 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

18
IPs

2
Countries

545 kB
Transfer

1333 kB
Size

5
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: http://www.capitalonelocations.com/
Title: Capital One Locations

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/alabama/
Title: Capital One Locations - Alabama

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/alaska/
Title: Capital One Locations - Alaska

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/arizona/
Title: Capital One Locations - Arizona

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/arkansas/
Title: Capital One Locations - Arkansas

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/california/
Title: Capital One Locations - California

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/colorado/
Title: Capital One Locations - Colorado

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/connecticut/
Title: Capital One Locations - Connecticut

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/delaware/
Title: Capital One Locations - Delaware

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/district-of-columbia/
Title: Capital One Locations - DC

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/florida/
Title: Capital One Locations - Florida

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/georgia/
Title: Capital One Locations - Georgia

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/hawaii/
Title: Capital One Locations - Hawaii

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/idaho/
Title: Capital One Locations - Idaho

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/illinois/
Title: Capital One Locations - Illinois

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/indiana/
Title: Capital One Locations - Indiana

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/iowa/
Title: Capital One Locations - Iowa

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/kansas/
Title: Capital One Locations - Kansas

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/kentucky/
Title: Capital One Locations - Kentucky

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/louisiana/
Title: Capital One Locations - Louisiana

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/maine/
Title: Capital One Locations - Maine

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/maryland/
Title: Capital One Locations - Maryland

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/massachusetts/
Title: Capital One Locations - Massachusetts

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/michigan/
Title: Capital One Locations - Michigan

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/minnesota/
Title: Capital One Locations - Minnesota

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/mississippi/
Title: Capital One Locations - Mississippi

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/missouri/
Title: Capital One Locations - Missouri

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/montana/
Title: Capital One Locations - Montana

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/nebraska/
Title: Capital One Locations - Nebraska

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/nevada/
Title: Capital One Locations - Nevada

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/new-hampshire/
Title: Capital One Locations - New Hampshire

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/new-jersey/
Title: Capital One Locations - New Jersey

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/new-mexico/
Title: Capital One Locations - New Mexico

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/new-york/
Title: Capital One Locations - New York

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/north-carolina/
Title: Capital One Locations - North Carolina

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/north-dakota/
Title: Capital One Locations - North Dakota

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/ohio/
Title: Capital One Locations - Ohio

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/oklahoma/
Title: Capital One Locations - Oklahoma

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/oregon/
Title: Capital One Locations - Oregon

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/pennsylvania/
Title: Capital One Locations - Pennsylvania

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/rhode-island/
Title: Capital One Locations - Rhode Island

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/south-carolina/
Title: Capital One Locations - South Carolina

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/south-dakota/
Title: Capital One Locations - South Dakota

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/tennessee/
Title: Capital One Locations - Tennessee

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/texas/
Title: Capital One Locations - Texas

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/utah/
Title: Capital One Locations - Utah

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/vermont/
Title: Capital One Locations - Vermont

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/virginia/
Title: Capital One Locations - Virginia

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/washington/
Title: Capital One Locations - Washinton

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/west-virginia/
Title: Capital One Locations - West Virginia

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/wisconsin/
Title: Capital One Locations - Wisconsin

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/wyoming/
Title: Capital One Locations - Wyoming

Search URL Search Domain Scan URL

URL: http://www.capitalonelocations.com/site-map.htm
Title: Site Map

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 25

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEClWvD7Ex4PA_v5bADbg3rY&google_cver=1

Request Chain 48

http://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1727&pdt=1&dns=1&rrt=0&srt=593&tcp=18&dit=621&clt=621&_gst=620&_gbt=647&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=16493653.1619921912&tid=UA-40186632-13&_gid=217429405.1619921912&z=144717497 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1727&pdt=1&dns=1&rrt=0&srt=593&tcp=18&dit=621&clt=621&_gst=620&_gbt=647&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=16493653.1619921912&tid=UA-40186632-13&_gid=217429405.1619921912&z=144717497

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
capitalonelocations.com/ 13 KB
4 KB 612ms
593ms Document
text/html 50.87.150.218
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://capitalonelocations.com/
Protocol: HTTP/1.1
Server: 50.87.150.218 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-150-218.unifiedlayer.com
Software: Apache /
Resource Hash: 41f89471975c4db3509e6ecbad447b22d4ec787accf94df53ae6984bffcad69e

Request headers

Host: capitalonelocations.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 02:18:31 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3500
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: capitalonelocations.com
URL: http://capitalonelocations.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 02 May 2021 02:18:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9950050495859225628
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47851
X-XSS-Protection: 0
Expires: Sun, 02 May 2021 02:18:31 GMT

GET
H/1.1 200
OK footer.jpg
capitalonelocations.com/images/ 1 KB
2 KB 235ms
235ms Image
image/jpeg 50.87.150.218
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://capitalonelocations.com/images/footer.jpg
Requested by: Host: capitalonelocations.com
URL: http://capitalonelocations.com/
Protocol: HTTP/1.1
Server: 50.87.150.218 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-150-218.unifiedlayer.com
Software: Apache /
Resource Hash: 7ef55e7d5a3d32f4c2208dba46b4ca1eeab8c88667c8a5a195e57b87b8244b05

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: capitalonelocations.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://capitalonelocations.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 02:18:32 GMT
Last-Modified: Thu, 15 Apr 2021 20:40:17 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1365

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: capitalonelocations.com
URL: http://capitalonelocations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2276
date: Sun, 02 May 2021 01:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 02 May 2021 03:40:35 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1931467773&t=pageview&_s=1&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1986714122&gjid=1168546177&cid=16493653.1619921912&tid=UA-40186632-13&_gid=217429405.1619921912&_r=1&_slc=1&z=261839379

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://capitalonelocations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3245746075177314&plah=capitalonelocations.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 02:18:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame 4B90 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://capitalonelocations.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://capitalonelocations.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 May 2021 01:17:06 GMT
expires: Sun, 16 May 2021 01:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 3685
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3245746075177314&plah=capitalonelocations.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0184bf9e390943d9cbbd488e81e50f656db9aa56a90590de9b0f9761bd08bd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19644
x-xss-protection: 0
server: cafe
etag: 17808063891848108074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 02:14:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
268 B 37ms
37ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=capitalonelocations.com&callback=_gfp_s_&client=ca-pub-3245746075177314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ed7e8028f6074550ec015c951f6163e9f8bd7af123bc6d1f09140da8ba51c0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=capitalonelocations.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=capitalonelocations.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EF7 54 B
56 B 49ms
49ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&adk=1812271804&adf=3025194257&lmt=1619921912&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcapitalonelocations.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619921911967&bpp=15&bdt=56&idt=57&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3209353369984&rume=1&frm=20&pv=2&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=80

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3245746075177314&output=html&adk=1812271804&adf=3025194257&lmt=1619921912&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcapitalonelocations.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619921911967&bpp=15&bdt=56&idt=57&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3209353369984&rume=1&frm=20&pv=2&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://capitalonelocations.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://capitalonelocations.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 02:18:32 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 02:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 02:18:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sun, 02 May 2021 02:18:32 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB1C 45 KB
21 KB 571ms
571ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b30dd0ec7177b7246bcf5646a2eff9f0dac3a77ce5d65a0d914ca885d95fbb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://capitalonelocations.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://capitalonelocations.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 02:18:32 GMT
server: cafe
content-length: 21553
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 02:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 02:18:32 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A647 45 KB
21 KB 374ms
373ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

20033b8041d2d21834b765b4a1bc8cf0dfcca5985508bcec348e8124e06cf8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://capitalonelocations.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://capitalonelocations.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 02:18:32 GMT
server: cafe
content-length: 21632
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 02:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 02:18:32 GMT
cache-control: private

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 42 B
63 B 15ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aq9G6o81jZaoTd6qsxFmsiqX3WF5i2Fq29H5NATU85zNF3ZyhXX-hxuloT_P97evy1RVp3DPFCNDSk9Il85Sor6mCH3TC0ohhL8hWTh3Lp0A6fAII

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A647 2 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 01:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 01:45:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A647 116 KB
35 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 02:18:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A647 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 02:09:39 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76DD 266 B
173 B 18ms
17ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNUguh-xsADiQLiaqevbvzL18_nlG7PTV5uSQcYWt-5Jcqyval3s-BNrPOHu7o2CJRvNYnaanmI4GOMdgCTDeWQK_V0hj0F9qPUr1yU_YKWwOb2kJr7USaC2ZYL8sK0oYjIp7IDs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNUguh-xsADiQLiaqevbvzL18_nlG7PTV5uSQcYWt-5Jcqyval3s-BNrPOHu7o2CJRvNYnaanmI4GOMdgCTDeWQK_V0hj0F9qPUr1yU_YKWwOb2kJr7USaC2ZYL8sK0oYjIp7IDs
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=3608593974&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911985&bpp=1&bdt=74&idt=79&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=979&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7Pv08CuWkY&p=http%3A//capitalonelocations.com&dtd=82

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 02 May 2021 02:18:32 GMT
server: cafe
cache-control: private
content-length: 149
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUk8QUIryGHjjan-LPqs1cfIPaaAwIN0UnoUFd2-9O_qrc5nMSzMmRPoS3AE; expires=Fri, 27-May-2022 02:18:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 02:18:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame A647 17 KB
7 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 22:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 22:44:16 GMT

GET
H2 200 10073997160279662495
s0.2mdn.net/simgad/ Frame A647 34 KB
34 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10073997160279662495

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b3a636bfc4b653ee36b19a656d15652248c5a525882acdf888cb4810ac16a3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:53 GMT
x-content-type-options: nosniff
age: 260079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34822
x-xss-protection: 0
last-modified: Mon, 08 Feb 2021 18:50:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 02:03:53 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame A647 6 KB
3 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 22:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 22:33:05 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A647 0
575 B 116ms
44ms Ping
image/gif 142.250.185.66

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvemAAN76fl8-vvtzlfgfDZbttbgyQhBtUnbE3uzz-iehQvuFcUg6gatTAf03cHmOVxXfHETesw02dj7JuzFxqXXhs80tZDOKVRZ18f8t3nGk4m7i9i4B5EzCvZ8tiS-65ONvuYb_SG8MQ_qHFmDSmlG-Bb55o_qJTcYey0vfHnO_SPMeQOStHBtmZnHEebbQ0dc-n4vvZLHAayr3GTK--NVpRLJzr74hvjgxhky8kwGRt6MN1UEh7PGCCMSFxMyBvccXX9pfJXPYVwvH25i2U7LQw2EP4l8zbp4tyJ099niD3JuycpNiligqYHzdDCOeWKAwiMfwsxScS6WNa8zthYrFFks4FcS1EClKlECBp_6lV3A8XJAWjtMFARpsEVxqpvEFfMzD4XmA7v7Wjgm8eIV68JnFD3omc-GP0lpXA6-bP_H8txxtsyEUZM3Q0W5V26SuKgsMGKvGvbHTRII_oCFiuEHhOFGs-3XQ0UIkU-T81KFqFPiJtD8vuLMtkJLcBhoCsFwO9Md9_xRNdJN9MLRwAR_1Eh2phvD4P9IWlEWAUPEeAmbBdm5ga39kGQACd1qru3LlCoXk7G0zXMbbN2ZrPfU3rrHmA67u7NzuD0o8ZCsnrOZLQthIOxUVr-jzqeiqTJrYGTA8BEIgE430_auOfO7VJ5z-J-N1mYYxgmPHnAD3D3u3WGIhBr0rZipcA7VXe-dVX9BTGC3n4HltaZ4_473fqRpOs91ajQGDOnVFH3CPC0QOsu-g_E7fzek2fpzc1tuAv5DY5fK0ssliDLGHfJfGyvK8IzarBDMRyfQvs8EJZn4gB49pcOLQleeea9o6eLNDYK6R09QM1LXBnlLyjHALZvEZf9hIuXjc-BX3NiOufPmuQ_oQAh3YVp8yplkOEKFUkoi3u67CkdOHfT6fKLC-0QI0I5s_FDg09eH7QMk4Jcccx8JDMFHsyDCuL_NFxVwjfsc691zjbAYg4oC9TidzwzD94ZmGv3EGuZLDki3eJrJV3kx42b1BNR17iDvZZ7afZwuWu382sckNIT9E7njIBXHbQ5Mu7W50PjEdYhlaf3aosiBJJg936r&sai=AMfl-YTCZcAF7l0l4mY-JDQbZPsnVuygVrZfMEGHU31tLVruZnF5zPlc5xLcARdxjdqFo2rtxBYz2kOaZQSXcpHDaiL1OBQPkbzW1POwqNSCAoCx9ZiHH1Dc31qzxQ1a3_IkqnO0BWu_a3MltrE-L96lPfSYV5aMmnKJC2OBPsR7oA&sig=Cg0ArKJSzKieUzTK_uCvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210428.64408&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN (),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 02 May 2021 02:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A647 41 KB
15 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46835
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 13:17:57 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 76DD 170 B
243 B 135ms
66ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNUguh-xsADiQLiaqevbvzL18_nlG7PTV5uSQcYWt-5Jcqyval3s-BNrPOHu7o2CJRvNYnaanmI4GOMdgCTDeWQK_V0hj0F9qPUr1yU_YKWwOb2kJr7USaC2ZYL8sK0oYjIp7IDs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 76DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEClWvD7Ex4PA_v5bADbg3rY&google_cver=1

43 B
183 B

383ms
95ms

Image
image/gif

2600:1f18:612b:4216:5e41:f643:f5d9:712d

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEClWvD7Ex4PA_v5bADbg3rY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNUguh-xsADiQLiaqevbvzL18_nlG7PTV5uSQcYWt-5Jcqyval3s-BNrPOHu7o2CJRvNYnaanmI4GOMdgCTDeWQK_V0hj0F9qPUr1yU_YKWwOb2kJr7USaC2ZYL8sK0oYjIp7IDs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:32 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEClWvD7Ex4PA_v5bADbg3rY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C6B8 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 01 May 2021 13:20:23 GMT
expires: Sun, 01 May 2022 13:20:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 46689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A647 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 765d5ab5c163f871c57f7a3d2a7701b51315222b9a713c6d305a9a31b3724266

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame A647 0
23 B 77ms
41ms Ping
image/gif 142.250.185.66

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN (),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame C6B8 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 143178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB1C 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDlmUD3xRP2QdhrEYQYNVB5I5fWWsWcVSPrEUtZvjuGtP4XQ9eszSLMBuBmodH4Gc5sNzJSE-HxFtwgVAiTojRFCJjFuTMPXIOp7912oqPMZzdrgI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame CB1C 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 01:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 01:45:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB1C 116 KB
35 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sun, 02 May 2021 02:18:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame CB1C 13 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 May 2021 02:09:39 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F96A 0
19 B 20ms
20ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNWhDpNImRShL7KtXYVyf7iwothqBZHOWONbaY7h-c93PIVRS15qBURN0ywbljFfYpQpqtZbLLUHbMdh1LqbOf5Uih0cLjnbu86uF-hvsCgt6J9G-kk4O9apVa88BUkdTIxz5WAD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJ359gIQ0ri2-AEY3I6mnQEwAQ&v=APEucNWhDpNImRShL7KtXYVyf7iwothqBZHOWONbaY7h-c93PIVRS15qBURN0ywbljFfYpQpqtZbLLUHbMdh1LqbOf5Uih0cLjnbu86uF-hvsCgt6J9G-kk4O9apVa88BUkdTIxz5WAD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8QUIryGHjjan-LPqs1cfIPaaAwIN0UnoUFd2-9O_qrc5nMSzMmRPoS3AE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 02 May 2021 02:18:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 02:18:32 GMT
cache-control: private

GET
H3-29 200 10073997160279662495
s0.2mdn.net/simgad/ Frame CB1C 34 KB
34 KB 36ms
17ms Image
image/jpeg 2a00:1450:4001:80f::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10073997160279662495

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b3a636bfc4b653ee36b19a656d15652248c5a525882acdf888cb4810ac16a3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:53 GMT
x-content-type-options: nosniff
age: 260079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34822
x-xss-protection: 0
last-modified: Mon, 08 Feb 2021 18:50:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 02:03:53 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame CB1C 17 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 22:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 22:44:16 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame CB1C 6 KB
3 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 22:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 22:33:05 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB1C 0
24 B 45ms
44ms Ping
image/gif 142.250.185.66

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssS7zNk3WHWOvIqLenBA-RXdoKpom8-9i4XAo07_FZTrTZ40ba1TLIkGHq3IbQPsdfObEDmIdhX-_bAdMJVHz43lgSsOWBQYl8kAxr0s0p4zthMX0Ti9Q6X2rsIFNY0e0yogSPRBIDEEgcT7K51iUr245xo8IZ1Ydlpf9iUFFDNirdUBQKd3w5iPQ5fDSNFxrufPQrZHFwiH5V3rga74MiqfsVP7gPkpCZpujmfTCrMnWSTxAMAL70lSciL-CUKqogGu7wbsPDpyc3gKxBie34-zUJP3lrDDgMG-XrhexiDzCuc1k_11nlqmcrmkuljF7GM_y2PQObuTvl0mv6w2pgusbkxuIB5DZ987a1lDaeTAlo_VIodXsnUhgkQveHdy5fvQBdXPiZkj3_RGXAHmcjlCR8zAqzuZtSp6tQsQlk48KXAeZ8fYNM0xYNu2KMM3BEKynBZxE6P0l3JP_RDVchK2he6C7Robiw_KZ4HI3a6aRBXmdbYEPMruwwyB6Qjg5T-pf9cjCOcPOFD_u1OcpCDJxaiF9xnCeNakjLBOxw2Jiufjc3a7MAGf2tLQlkx7jMwEiSmN8ZXMdK6XC4qZZSYgjuCAN8A6kk-6MjOSz0XLPPqOwTOeBhpUTtdlb66q9BXeJiQOSFga71r6q1A2gK92ErIThI36g8YsrpG_FvC16N_tcnWX1qgm-qoHfgn2pAr5WIXoKJeZeNyCaQza6Je4RI2te8bAh37gcNTblCZHwphW8Aq8Le_pzXJUx3LhgCLEhiIegBi4JAfQZ3UwS-hNlt5NDok0wTgyrqx-Vtfrcf76xEgG7Yn42pu1urV1Z1K83oK8B2DhqznTMv9goh5NsfbqOGu4YoRZtVIvh5KN6cCstpE6bd-7RgMsre9wwsRmFVJ9kEoNO1cfM1Ks-CRgjbKLD1TLs1S15HC8HNKfjgYF5G2JvGRaDgNMP7twDlVCxQl2SL9gau8YGIBjhz65CUXOk_CwjSlHxrM6b4evw2rE_ymdDqDngBAdHZoKqzDYL7YQskxeuqgr0xY0Qcp9BUxb-qj3jGQehPx-DqMtxXSwwUIW3DlZsmleCTe&sai=AMfl-YQLSQ8gHOidqsN1l64Ya0CR6Ztn5Ai8-rHEHupUY4rqMZ0iS7bvRMEYqyGrTzmaGH21Q9EplC1oFUzpOh5UqldKHhhAnpFHAwfa2T846os-ev4jfZa6cz1GflRAj-U8REU61dvoMdJwByE-7GYKgy0Uo4S02udiVKhLaxVxWw&sig=Cg0ArKJSzDhqoOxYOPvQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210428.82486&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN (),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 02 May 2021 02:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CB1C 41 KB
15 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 13:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46835
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 13:17:57 GMT

GET
DATA 200
OK truncated
/ Frame CB1C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be8c56e90a9a5d6121f0651a0e493f9ec66e5b0258c2d4a2b33225a0a3e2c41

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 183C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 01 May 2021 13:20:23 GMT
expires: Sun, 01 May 2022 13:20:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 46689
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CB1C 0
23 B 39ms
39ms Ping
image/gif 142.250.185.66

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN (),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6B8 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJHJG-AuOYL2MBdO1gQfVq4m4CQAAAAA4AeAEAg&bg=!Z2SlZCDNAAZLnZBaS507ACkAdvg8Wm6UJCMHwrezlCsdAl5EdrRliplIufbFYLeTsNmWkZho4F_3bgIAAADHUgAAAA9oAQcKAOVd8vxPE_VS533F0CyTmndhzRzuNll--CLkDIVnQKtXM2ilI8-T_iO_SIogZ0kRRRMFhwtWMlj3vCVdkKzJ8MtFTNVDNMkGdCTwGOA232lHUaK3AVNXrZWto2j8hKY93iNfpdycSeDKv1o8KJo4uTcyBMLS1F1BC7jg_Pp6WmGmbbpyiVywrHlDp2gzz_lcrNANO-IbHRSPS-Fbf5Bziv4re_TWDVfGfzIiaF3vhb98To8mwkRcwzx8XE22aPloTXvRs0Lah6ObHOqUN9LXcdjIBn-aCW9TIJwdhgu-NEAfU7yZwU1emQJMrhY_GSrwiKKFhamO6yVxXhK74v7LkYz7h4Rl71kb4ZLtDj3-MOXA4ulyBlLOfaAhgf8Lm1gml274lQTQyK6Cn3A77SpRw_t6xYYWioeszez1DOKobJ57ae3Bgvmsu_7LnwNxs5VGw8M9dK2umJFZrC8pLHPYU2sBp5NjbqHvXrhmqoGqhXgkdtBqeGtB3p8e5R6Y1rOfnscziikhU5k5Isv8tG1tXk76NwfjePeYvCFRpQZAz_wEgKo8ISMNk55EMpHDThWKqILSaknDdnmi7GCPj6Jq_hDU6H3bmMwwlTFyjVemUzCoQqPNQRwyconYP6ziUoc2VKgQVXo7D49qgvjolB8DwrOfRWrTLN0Eexr5ciyz4ND2gYLfa98Vs2lj4hbyw8WOeT_K-0gV7bbG8TUzuXWzthUECaoVkXN2ofar2ARd3k3eDkoQoT-MWMm6ZAglh7FJ6xVclpFVubVYL9NVfhsuNh0HMJeD5BWgJbBWNkojZFOGmYYGOUtnykhFDviNVRnWZmbRwdYrpK83-e-epQBHQ3xn3BZiqCWrLHUZ0XKSb7C7xy8bBOFGTrZUlubd4saxcCC1P5_ZYkvldITPsDTOTwN1Xwzz1kkKBkFUvH3auTUnAEWfy1T2Yzuft0CU-P8ZjRhIpUXCe8LDj3tyPxmkLvQjHYzP_R836O-oqQgItxrP6jRLnaW97IFlA6WASLLnP6VoVzvCu-oEk9cJiYZfMQ6aHcz7C2fLzfRH4wMyfoG6zIG-dhtVe-suVFpizMtRmRWWr8ZP

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 183C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 143178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CB1C 54 KB
21 KB 196ms
29ms Script
text/javascript 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245746075177314&output=html&h=250&slotname=9667086952&adk=1476293939&adf=4187687044&pi=t.ma~as.9667086952&w=300&lmt=1619921912&psa=0&format=300x250&url=http%3A%2F%2Fcapitalonelocations.com%2F&flash=0&wgl=1&dt=1619921911982&bpp=3&bdt=70&idt=70&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3209353369984&rume=1&frm=20&pv=1&ga_vid=16493653.1619921912&ga_sid=1619921912&ga_hid=1931467773&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828%2C21066613%2C21066615&oid=3&pvsid=1056943478793963&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=OuhqthYLGK&p=http%3A//capitalonelocations.com&dtd=78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN (),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a46a07c3d4d62ab8017abd9b7f57d0eb11209d23e0230720f8220a9175da4d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 01:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20853
x-xss-protection: 0
server: cafe
etag: 17473441666752178516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 02:59:32 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a86e22701cee20d5f335d0fcef3c6e017b3ec2c3fa1ddc0675776ac6bb15d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 02:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7630
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame A647 54 KB
20 KB 114ms
50ms Script
text/javascript 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN (),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a46a07c3d4d62ab8017abd9b7f57d0eb11209d23e0230720f8220a9175da4d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 01:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20853
x-xss-protection: 0
server: cafe
etag: 17473441666752178516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 02:59:32 GMT

GET
H3-29

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bi...
https://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-b...

35 B
55 B

10ms
9ms

Image
image/gif

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1727&pdt=1&dns=1&rrt=0&srt=593&tcp=18&dit=621&clt=621&_gst=620&_gbt=647&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=16493653.1619921912&tid=UA-40186632-13&_gid=217429405.1619921912&z=144717497

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 07:28:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67785
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j90&a=1931467773&t=timing&_s=2&dl=http%3A%2F%2Fcapitalonelocations.com%2F&ul=en-us&de=windows-1252&dt=Capital%20One%20Locations%20%26%20Hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1727&pdt=1&dns=1&rrt=0&srt=593&tcp=18&dit=621&clt=621&_gst=620&_gbt=647&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=16493653.1619921912&tid=UA-40186632-13&_gid=217429405.1619921912&z=144717497
Non-Authoritative-Reason: HSTS

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 02 May 2021 02:18:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 41CD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://capitalonelocations.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://capitalonelocations.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 19:47:34 GMT
expires: Sun, 01 May 2022 19:47:34 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23459
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 41CD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JxtSU23QilcS3Hq1d95Pny_YZBvVU4F37ng-NXn3n2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 143179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:32:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 183C 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxW5N-AuOYNLMBMaI-gbg3IioDgAAAAA4AeAEAg&bg=!LC-lL2vNAAZLnZBaS507ACkAdvg8WgxfY7PLAH6Scl7ecrtjrY3G41Xcd3v6TVb0gm6rX2mwXWDngwIAAACLUgAAAA5oAQcKAU0mLn2EbIskgIwuij5IttuINhl2U6jQeY50vR-EBrWWrUzDZn2QWxQIG3q9TSjWBsznKlt9fPXnHifZKYTAjgLApFPiX-TDEepjw6t9eoYJmXhZbZu_p4DN8uP4ymZxMGB2Ol_pAlC6X6WHbAeJScJovjOL2P7EQfTkueRxb1uqXPxmClgVv-SDZZZRujMoy6M5u_GhQ2_wn0o7iPuoDRGfUteY6cDpFnZ1OJx4fDPha2zeVa3C4ykL65o1vJm8l_OfaI1EnL2pEOGnfbU9c250k9rU13bZw8HrHft6z80A96yiyVA_DKBGYBsdYa_YQjwk-9FfuAQeMWNoIfXhe0JhVVGeUwU5C6X55sues2926JtS9KXc1z-6VGdN2c_bRwlUMwxxXFCixiBQiAiyBZJx8tIIiegxQ7MDPY_THOltD4J2AmFVkKBevVIQaACZAk17NRN63cTC_DqEFFjHmoi41I1uw-AQDvY8R9bj8njuIIv1b1IORU6vW6jkPYMueTA91KwHdsIxECIN02rZxKx7SVJ4EONvjb1OF0POuzg6fTa4Kp7ldjlNA6fcd4P5ZNHA-snN8o-NGaMOczDUfX4kLHh5SyTKliyOHqGKLz4-rXnenqrBEbQHVcSi_xLKGLoUY82pSttWMl5P7Ts9PZg7Br2FCkLftL3cY-oADfADCtItobO-LhOuqW52_ZKCpY9AjflctiljgPZUhulaWKPxAwxedXAlfevewoJAkM_o7oKTsD1XHhR9fJAzQ6hqoP9cX92utYzb6GDvpXXAGWpV2na6XURSZQJa_oNvAM8vC1zhwETLJiWe8wYIz7cd4cEKdoRizgu47_00E5YanlROExXB9HEIRtmo0sGUzfWdQzrdst1Lceh1vLFMYMNkMVVzz52vQ4rjj0TSqRXFhTmSpHb24blXqrccoS4CDoZ2j9J7jr-pUlAKhf9uiKAAAr5-Hw9UkoVtkQzEIcn6XxeU1CoY-UD8Y0fop8c4OI4K_CFJl-LzTZwjGRKFG9hiK9ts-e1uY7OcCTs84DrTSZ-R1qnoLL4YosH3QwRH6iV0BhQzURiDp-0sa8MoZh-d8LXXJZgOunHmIkGD31beTMjzu2mlwCt_8tQTIHpzk4ZnHhTQVDHJ_-pIkq7c8ElbmBptw_BFjLNpkCWtlkJyY4DTGUFEwudIMWJP4xLhP6vpE1qUuGIxagshoW08Y6LPohfdykUWcF_kXkj6rfgJ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CB1C 0
331 B 277ms
99ms Ping
image/gif 2607:f8b0:4006:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~ko6jojt6&chm=1&ctx=2&gqid=-AuOYP2ZBPGEjuwPtt2OkAk&qqid=CNKoiLH3qfACFUaE3godYC4C5Q&met.4=fb.gm~lb.j3~ol.o2~bdt.-45~bpp.-24~idt.-9~dtd.-1~dt.-27&met.3=739.j3~749.j6_5~374.jl~735.jl_2~740.jn~740.l2~740.nx~738.o1~740.r3~740.t7~740.tt~113.um_3~112.ul_5&met.1=1.ko6joiyl~6.0~7.0~8.0~9.0~10.0~12.1~13.fv~14.fw~15.g4~16.j3~17.j3~18.j3~19.o1~20.o1~21.o1~22.jd~23.jd&met.7=CAUQCBgBML0EOOIGaAFwvAR4y6gBgAGxqAGIAdblArABAbgBAw~CBwQBhgBINUEKNUEMOkEOBRo1gRw5wR4P4ABKogBKrABAbgBAw~CBwQChgBINYEKNYEMN8EOApo1wRw3gR4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBINYEKNYEMPAEOBo~CBwQChgBINYEKNYEMOAEOApo2ARw3gR4_yuAAeQriAHbZbABAbgBAw~CCgQBRgBINgEKNgEMO4EOBZo2gRw7QR4E7ABAbgBAw~CCkQBhgBINsEKNsEMIAFOCVA3wRI3wRQ3wRY7ARg3wRo7gRw_wR4pJACgAGGkAKIAYaQArABAbgBAw~CBwQChgBINwEKNwEMOsEOA9o4ARw6AR4jzeAAfQ2iAGiiAGwAQG4AQM~CBwQChgBIN0EKN0EMO8EOBJo4QRw7AR4gBWAAeUUiAHBMrABAbgBAw~CCIQARgBIN8EKN8EMI4FOC9o4QRwjQV4GLABAbgBAw~CCcQChgBIOAEKOAEMO8EOA9o5ARw7QR4gHeAAed2iAGKxQKwAQG4AQM~CCcQBRgBILEFKLEFMNgGOKcBaNEGcNcGeORBgAHLQYgB6rIBsAEBuAED~CCIQARgBILEFKLEFMNkFOChosgVw2QV4F7ABAbgBAw~CCgQChgBIOQGKOQGML0IONoBQMwHSMwHUMwHWIsIYOUHaIwIcKgIeKOnAYAB9aIBiAGZrgOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:803::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A647 0
45 B 273ms
100ms Ping
image/gif 2607:f8b0:4006:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~ko6jojtd&chm=1&ctx=2&gqid=-AuOYNbYBOWqrATp_YyQDw&qqid=CL3oiLH3qfACFdNa4Aod1VUClw&met.4=fb.am~lb.ed~ol.qj~bdt.-4d~bpp.-2a~idt.-4~dtd.-1~dt.-2b&met.3=739.ed~374.eo~740.eu_1~740.ev~740.ew~740.ew~740.i1~740.i1~740.jf~740.ku~740.ku~740.lu~740.no~740.np~749.qe_4~738.qi~735.qr_1~740.qv~740.qv~740.tl~740.tm~113.ul_2~112.ul_3&met.1=1.ko6joiys~6.1~7.1~8.1~9.1~10.1~12.2~13.af~14.ag~15.ai~16.ee~17.ee~18.ee~19.qj~20.qj~21.qj~22.ek~23.ek&met.7=CAUQCBgBMPgCOLsHaAFw9wJ4mqkBgAGAqQGIAbXmArABAbgBAw~CBwQBhgBIP0CKP0CMJADOBNo_gJwjQN4P4ABKogBKrABAbgBAw~CBwQChgBIP0CKP0CMIUDOAho_gJwhAN42AyAAZcKiAHRE7ABAbgBAw~CCoQChgBIP0CKP0CMKIDOCU~CBwQChgBIP0CKP0CMIYDOAho_wJwhQN4zyyAAeQriAHbZbABAbgBAw~CCgQBRgBIP8CKP8CMJQDOBVogQNwkgN4rQGAAZUBiAGKArABAbgBAw~CBwQChgBIIMDKIMDMJYDOBNojQNwlAN4jzeAAfQ2iAGiiAGwAQG4AQM~CCkQBhgBIIMDKIMDMLcDODRAkANIkgNQkgNYpgNglwNopwNwrwN4rZMCgAGGkAKIAYaQArABAbgBAw~CBwQChgBIIMDKIMDMJwDOBlokQNwmgN4gBWAAeUUiAHBMrABAbgBAw~CCIQARgBIIUDKIUDMPwDOHZAiANIjANQjANYzwNgnwNozwNw-wN4vwSwAQG4AQM~CCcQChgBIIYDKIYDMJsDOBVokQNwmAN4gHeAAed2iAGKxQKwAQG4AQM~CCcQBRgBILEDKLEDMLkDOAhosgNwuAN45EGAActBiAHqsgGwAQG4AQM~CCIQARgBIJQEKJQEMOMEOE5AlQRIlQRQlQRYuQRglQRouQRw4gR4F7ABAbgBAw~CCgQChgBIMMHKMMHMMUIOIIBaIQIcLYIeLqjAYAB9aIBiAGZrgOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:803::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=1056943478793963&bg=!ICOlI2fNAAZLnZBaS507ACkAdvg8Wr3GqFLwIuaOIx3CM92j4JRTPtGeFPVgVLRitj21qEQ_E7xQWAIAAABzUgAAAA1oAQcKAAd7Zq4VyTB8mQJGQyxXj8OiT8bl1cjQmONqYBx4i-EVtM5Fm5kU7Uu5pE1L4PHoBiFGFy3qp9GKL2NPOXKmAiXEd4taaHU6_OEg-VCVqLZ-0GspHEmiPaH1_Szf6r4YZqZEhalRwRKhk72m8dHc-cjr50wb9ZMmN9Q3Kdw76LQCq1J8tPISI7RXwUmJEPoa8ko12KkGKxfqq2S76MLQb-SGyLcyweTn_4QRrnqT9ehCBjXslvZVgi1gr540K572W6jE2RNRn-lzgwfJeRrP8J9UZwjuwsFwnDKk-BG2ZbOH1UwjvBx5MEzub8veKw6qtVvynBLSRsALPpwdtVi3znLK8L_-MCeZnveXB82ev0LW4KTOBF5CEtgrlvkhputQKsAKdgslTSt1beD2mKFLxyXhux_9wCLGCMdMMkkT-hL2EJcqYG6_cTjNEJAw6TVfaGLmX8Kn16gROUkruu_Yc34zm_aSRd59JZGf1ECcdAmMdvLtoWas3v49XcToQV8XMncdiflCXaHMEoxgl8JWq8bZaoBpJNETMkNnuEz_XxhT7CRaGzsKZ1IZp0YK7YHzMsyoypw8LB2aO_8QeMhleeJ-a-uZfjxy7z0vcu09ej96PwIJR2d_oBLILplx5OtRMYHKl17L7D6VWFhl06Scp7AFbNoamGYFc70qZlF-PXt1XsOTVFiSupua76hYYw26H1U8UiW99_AGdsF72lcATXH_kEyyyhfG4HwCOuiPje4Bo4PyxOECEBgeBGCrmm-G6mt5t51UM2dpRMYhnp8f28Yc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB1C 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZqaCFjh1Ah-pOlg3s6KT6NwIqfys9UEceownuLFZPnSMpeejb9X7oII0pNnDZkCKDKTgZobjikl_MtBbS-webC7UsJ1qGUwVK28bkHgWf1wVi&sai=AMfl-YRYIiGw4fcSNgFi9Zg6EB3UOJ9Qgtqx9RUWIwfop_go7S43UGQ2nMpx7Gr-_aX3npx6r4CJw1zxQ3bD&sig=Cg0ArKJSzDCbqJEu_i75EAE&cid=CAASBORo9yU&id=lidar2&mcvt=1000&p=163,639,417,939&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1476293939&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619921912061&dlt=385&rpt=46&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A647 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnayC_w4zN2TX4i8g9brxWFufSTQTlxBbOU4Eb56ddaEg8pdwTqG-kXF6HsosEOL8BAjhUq-PdKxys649Bcb7seFQK94gcC4MC6WlZKxNgptDJ&sai=AMfl-YTKjflFWKGqEPs1dYD00faVi0y1RISCyB2HSqdKgj87n-CM7XtCg8VV3CiN6xS8ZIbG8IlwQJ9XZVTL&sig=Cg0ArKJSzH86wCEn5QMaEAE&cid=CAASBORof1w&id=lidar2&mcvt=1000&p=163,979,417,1279&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1476293939&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619921912068&dlt=0&rpt=47&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ 0
17 B 194ms
100ms Ping
image/gif 2607:f8b0:4006:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~ko6joiyv&c=1056943478793963&e=31060828%2C21066613%2C21066615&ctx=1&met.3=779.il_1~164.iq_c~165.in_f~164.j4_2~165.j2_3~164.j6~165.j5_1~166.ig_q~779.j8_1~166.j7_3~779.jd~166.jd_1~326.ka_2~827.kb~161.kc_3~216.k7_a~215.k7_a~843.k6_b~868.kh~639.kx~160.kx~326.l0~827.l0~161.l0~216.l0_3~215.l0_3~868.l2~639.la~160.la~189.la~326.lc~827.lc~161.lc~216.lc_1~215.lc_1~868.ld~639.lh~160.lh~112.lj_2~189.ll~189.ls~298.me~298.mf~298.mp~155.lw_y~629.mv_1~143.pm_2~143.sg_1~129.tw~143.v9_2~132.zz_1~132.102~168.102~168.102_1~168.103~168.103~168.103~168.103~168.103~168.103~168.103~168.103~168.103~168.103~168.103~168.103~132.103~132.104~143.104_4~129.10x~143.133_2~132.14k~132.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~168.14l~132.14l~132.14l~143.168_2~129.17v~143.193_2~154.1c0~143.1c2_1~113.1c9_2~153.1f0~129.1f0~143.1f0_1~143.1hu_1~143.1ko_2~143.1nk_2~143.1qe_1~143.1t7_1~143.1w0_1~143.1yt_1~143.21n_1~143.24g_1&met.7=CBsQCMAB8avm6AI~CAEQChgBIOkEKOkEMI8FOCZA6gRI6gRQ6gRY7wRo7wRwhAV4vPoCgAHr9QKIAeGhCLABAbgBA8AB9uaergc~CBsQCiDuBDgIwAGl7sKoCA~CBsQDSCUBTgOwAGAkfKHCA~CBwQChgBIKAFKKAFMM0FOC1ooQVwvQV415QFgAH7kgWIAcf3DbABAbgBA8AB47a-0gg~CAwQBRgBIK4FKK4FMLUFOAdorwVwtAV44ySAAaQkiAGxULABAbgBA8AB8rLMywQ~CBwQChgBINsFKNsFMOMFOAho3AVw4gV42JkBgAG8mQGIAeqNA7ABAbgBA8AB7Z_nugU~CC8QBxgBIOkFKOkFMPkFOA9o6gVw-AV4pQGAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIOoFKOoFMPkFOBBo6gVw-QV4pQGAAWSIAWuwAQG4AQPAAZv_iccH~CBsQChgBIOUFKOUFMIoGOCZo5QVwigZ4jAKAAcgBiAHVAbABAbgBA8AB5Krg8AI~CCoQChgBIPEFKPEFMIIGOBHAAab7gJMH~CAUQBRgBIPAFKPAFMKIGODJo8QVwogZ4OIABIogBNrABAbgBA8ABkMey8Ag~CBsQBiDpBDjsAcAB_fKwhAI~CAUQBRgBIIQGKIQGMPwIOPgCaIUGcPsIeJqpAYABgKkBiAG15gKwAQG4AQPAAZDHsvAI~CAUQBRgBIPwFKPwFMLkKOL0EaP0FcLgKeMuoAYABsagBiAHW5QKwAQG4AQPAAZDHsvAI~CBsQCDjADcAB8avm6AI~CCcQDRgBIMANKMANMNcNOBdoxA1w1g145TuAAc47iAG0TrABAbgBA8AB8_LLrgs~CBsQBiDjDTgKwAHow82fBQ~CCcQChgBIOQNKOQNMPYNOBHAAeLBm9oF~CCcQBRgBIIIOKIIOMIkOOAjAAY3TtMwJ~CBwQBhgBIKcPKKcPMLcPOBBoqA9wtg94FLABAbgBA8ABlITitQ4&met.1=1.ko6joidc~6.0~7.1~8.2~9.2~10.k~12.k~13.h1~14.h2~15.h3~16.h9~17.h9~18.h9~19.1bz~20.1bz~21.1c0~22.i4~23.i4
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/rum_fy2019.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:803::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://capitalonelocations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 02 May 2021 02:18:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capitalonelocations.com/	1970-01-20 03:20:17	Name: __gads Value: ID=c29e1452d7e739a4-22fd4154f9c700db:T=1619921912:RT=1619921912:S=ALNI_MYH55o7HGR5XfPshQlyx-vbNREFWQ
.capitalonelocations.com/	1970-01-19 17:58:41	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 03:20:17	Name: IDE Value: AHWqTUk8QUIryGHjjan-LPqs1cfIPaaAwIN0UnoUFd2-9O_qrc5nMSzMmRPoS3AE
.capitalonelocations.com/	1970-01-19 18:00:08	Name: _gid Value: GA1.2.217429405.1619921912
.capitalonelocations.com/	1970-01-20 11:29:53	Name: _ga Value: GA1.2.16493653.1619921912

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
capitalonelocations.com
cm.g.doubleclick.net
csi.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
142.250.185.162
142.250.185.66
142.250.186.34
172.217.16.130
2600:1f18:612b:4216:5e41:f643:f5d9:712d
2607:f8b0:4006:803::2003
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2006
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
50.87.150.218
0184bf9e390943d9cbbd488e81e50f656db9aa56a90590de9b0f9761bd08bd70
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
20033b8041d2d21834b765b4a1bc8cf0dfcca5985508bcec348e8124e06cf8bf
271b52536dd08a5712dc7ab577de4f9f2fd8641bd5538177ee783e3579f79f6a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
41f89471975c4db3509e6ecbad447b22d4ec787accf94df53ae6984bffcad69e
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
765d5ab5c163f871c57f7a3d2a7701b51315222b9a713c6d305a9a31b3724266
7ef55e7d5a3d32f4c2208dba46b4ca1eeab8c88667c8a5a195e57b87b8244b05
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9a86e22701cee20d5f335d0fcef3c6e017b3ec2c3fa1ddc0675776ac6bb15d1a
9be8c56e90a9a5d6121f0651a0e493f9ec66e5b0258c2d4a2b33225a0a3e2c41
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a46a07c3d4d62ab8017abd9b7f57d0eb11209d23e0230720f8220a9175da4d24
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
b30dd0ec7177b7246bcf5646a2eff9f0dac3a77ce5d65a0d914ca885d95fbb28
b3a636bfc4b653ee36b19a656d15652248c5a525882acdf888cb4810ac16a3f6
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7e8028f6074550ec015c951f6163e9f8bd7af123bc6d1f09140da8ba51c0d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e

capitalonelocations.com Open in urlscan Pro 50.87.150.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

71 %IPv6

11 Domains

15 Subdomains

18 IPs

2 Countries

545 kBTransfer

1333 kBSize

5 Cookies

53 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

capitalonelocations.com Open in urlscan Pro
50.87.150.218 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

18
IPs

2
Countries

545 kB
Transfer

1333 kB
Size

5
Cookies

58 HTTP transactions
2 data transactions