advisor.samsungoneui.com Open in urlscan Pro
2606:4700:3037::6815:1994 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://advisor.samsungoneui.com/
Submission: On March 18 via api (March 18th 2024, 11:24:58 am UTC) from US — Scanned from US

Summary HTTP 89 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3037::6815:1994, located in United States and belongs to CLOUDFLARENET, US. The main domain is advisor.samsungoneui.com.
TLS certificate: Issued by E1 on February 18th 2024. Valid for: 3 months.

This is the only time advisor.samsungoneui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3037::6815:1994	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
3 10	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
23	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
89	10

17 2606:4700:3037::6815:1994 (United States)

ASN13335 (CLOUDFLARENET, US)

advisor.samsungoneui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:821::2002 (United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	753 KB
17	samsungoneui.com advisor.samsungoneui.com	338 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	182 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	133 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 144
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	4 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
89	7

	Domain	Requested by
23	tpc.googlesyndication.com	pagead2.googlesyndication.com advisor.samsungoneui.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	pagead2.googlesyndication.com	advisor.samsungoneui.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	advisor.samsungoneui.com	advisor.samsungoneui.com
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.gstatic.com	advisor.samsungoneui.com googleads.g.doubleclick.net
6	www.googleadservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	advisor.samsungoneui.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
89	9

This site contains links to these domains. Also see Links.

Domain
url

Subject Issuer	Validity	Valid
samsungoneui.com E1	`2024-02-18` - `2024-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://advisor.samsungoneui.com/
Frame ID: 852F64BDF4C61B219588C00C3902A425
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2087125206344869&output=html&adk=1812271804&adf=3025194257&lmt=1710761090&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fadvisor.samsungoneui.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710761090331&bpp=7&bdt=336&idt=402&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=951732437391&frm=20&pv=2&ga_vid=1874334253.1710761091&ga_sid=1710761091&ga_hid=1809046787&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326317%2C95327950%2C95327955%2C95321963%2C95322398%2C95325785&oid=2&pvsid=1352787815965315&tmod=1937541688&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=435
Frame ID: E5C71239B83B723A471DDFF240FB2651
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: FF3D75F54F2518492DC577461330DFA4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 2915BF1BDA53F580B3AAAC8C712AE287
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 8DF4190F1F6AD37B213BE93F8C6B1A9A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 44E96D00AFEB7CBBABA28F9552CC8627
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 0535A701621234F8601D24E68E8D869E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A05FDF90759A2703EEFE65995D6CB56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EAB635EF5FAFE4A2D6C42C3FEB59EBE1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js
Frame ID: 30310E496D6E3AF48B245A1AE0B7D3EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2198774389B2DA3E1C64DF37A47D7691
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js
Frame ID: 5B38414BF1A693CC537F3EA1D92B7DDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js
Frame ID: EDD4CEB2EB51B2E642E95D1C8AE87F90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js
Frame ID: B82CE20E9574E58A14DB21B21FE4B27B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

advisor.samsungoneui.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

89
Requests

96 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

1413 kB
Transfer

3941 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://url/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=CE-2CgiT4ZfPbMYKjoPMPs6q76Am6ovWgdryVqLHWEN6UyIqMDhABIMqx_k1gycapi8Ck2A-gAfXrjvkCyAEJqAMByAPLBKoEmgJP0F6XOmyf0q_7_VC2KgwWE5MMSBAo0I9f15egk5JjG-gRjrijL2T9uI7Auho17s3QGQq5oR6pAwx7OKgvtMkEtgvRd1vGmjmrKXW6an55TmyXEbzkXJF4WDz-Cr0L-adzkwNnQT3vqBveGu59jqPatVGXT-xv4BZbKkXgTZgunVpU2V5WJhJVwoDJEZHTsF-2kw-daKVKk7mnAHXTSOWnx2akxhOOvUin5FQ4v3o6GsSIPtlpXcVZX39BHzdl8QFS3iAkk-oteIZNlwELiRuTnop7dk_YhIAgwDz4vKanLi8W6KTLerz9TuJuvROB9W5VF_5B4KTkFZIetIAzwAK5-GfLgULPfosl0pP-nz9TTOlH68BB24131HHABLL7keqhBIgFr_qWwkaSBQQIBBgBkgUECAUYBKAGLoAHsrLmwQGoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBDF8BfSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYm_nz2Nn9hAOaCeoBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_cD1FbXBsb3llcitvZitSZWNvcmQrRW9yJmhzcGFydD15YWhvbyZoc2ltcD15aHNtLWcxODBhJmdfYXA9Z2d0MiZndHlwZT0tS3dnJTIwRW50aXR5JTIwMTIxam5xMW0tbWt3LS1kYy1tdC02MzQ5NzQ0ODc4MTUtcy1wdGlkLS0tcGdyaWQtMTQ2NTE5OTE1OTU0LWNwZ25pZC0xODkyOTI3MDA2My1uLWQtcGwtYWR2aXNvci5zYW1zdW5nb25ldWkuY29tgAoByAsB2gwQCgoQ0J7Dmdv56foGEgIBA9gTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi0yMDg3MTI1MjA2MzQ0ODY5GACyGAkSAvpTGC4iAQA&sigh=isKCwRFVLAA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8ecab00f61dd36040000000000000000%22,%222%22:%220x6c8e69364a7215970000000000000000%22,%223%22:%220x8cd6aa1f212fd3380000000000000000%22,%224%22:%220xb8a8eb58c5850d090000000000000000%22,%225%22:%220x227342cc6a540e820000000000000000%22},%22debug_key%22:%229227286902807925145%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790869493%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216582963923223529265%22}&andc=true

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=CRYC-giT4ZfTbMYKjoPMPs6q76Am2vYCQdu7N6YfKEsCNtwEQASDKsf5NYMnGqYvApNgPoAG7moKqPcgBAagDAcgDywSqBKICT9BIQloDWp6wes_bjcMDIZF3QTxF7CrJR5wpGZPetFwcI8EiAGoWue-wyzDQ5t6WJsuxSc-sQbQzqJnXD_NOhKUEVk-BLUT9pOYgzvv6FP_g12ctUiceQtcFh2qiUxShqbaq6OzGC3J_MX6YH2tS-9ufgc4ndGtAsKLW3SlA84JRKV2dPwktmrX1yp_E5AgqVubrNqwI_HrxHsIAPFRd1cK5GVLzpUi0ajAbA-ByrgYKhFeVIbTcbDaexrzLIh5-A4PuK1CANFndKcqgoXmMUto-VIe84QYxHSLFfFDYFyJkQPPViNvgKmRHSHOiUPpx7num4KygLpcWySZXQbLuLbArl1YsnDFhJKGIQdcZPphCH7k2ltskr7L2PFheffuQYErABITmutPxBIgFjaC4qE6SBQQIBBgBkgUECAUYBKAGAoAHu9LSiRioB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAfIHBBDR6SPSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYm_nz2Nn9hAOaCTFodHRwczovL3d3dy5hbW5ldHN5c3RlbXMuY29tL3NlcnZpY2UtYXVkaW8tdmlzdWFsgAoByAsB2gwRCgsQwO_rkvH--LTgARICAQPYEwrQFQGAFwGyFxwKGggAEhRwdWItMjA4NzEyNTIwNjM0NDg2ORgAshgJEgLvThgCIgEA&sigh=fzQGqMgCKMQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65c6e5415b41e01c0000000000000000%22,%222%22:%220xd7a07ba1f7add52f0000000000000000%22,%223%22:%220xd7b20a920b7eb0d70000000000000000%22,%224%22:%220xa76705a10e2370fb0000000000000000%22,%225%22:%220x1a8146d5a867ffa80000000000000000%22},%22debug_key%22:%227944781182098146528%22,%22debug_reporting%22:true,%22destination%22:%22https://amnetsystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216462679355%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214536790215213456209%22}&andc=true

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=CgAAZgiT4ZfXbMYKjoPMPs6q76AnksLG6drLghYfTEo2z_MmVDhABIMqx_k1gycapi8Ck2A-gAaf798coyAEBqAMByAPLBKoEkgJP0HP_FwLq02gevhQQzbl5eWpXKenWwsiMjeDj6PAuMJ2_6I0LzJEH4b2ho3XRlD-Pk_8AkwySku25NEMF58fuKt8wTKBxFO8D8HBlh4ZTpFHICDhzO08ijvj511GvcaKaKRAyYgdSYtO9qy-9AaPxUD6D9yOCS-hcuEYuyxAXYzX0V97tBazaGhjBetDVMnDtozhq-CSpbsBDDSO47DW3g7XXcVIbCsLDaSMXuU4W3ieBK-NkK87RGUdKE9Uv3J_DN9PAoGPHBvgkWKseDzBOUWj2QTYGB6vGjxNo4F3pTx_4VLxzcLACQ-h_kJbfGik1SNCDvek_IAOkjshydv3gVRT3wzBu4Atxwo8C_qAoo03YwATqiqKl2wSIBY_i5qdOkgUECAQYAZIFBAgFGASAB5e12JoFqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwHyBwQQzdog0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WJv589jZ_YQDmgllaHR0cHM6Ly9yZWxhdGVkLmFtaW5lcnkuY29tL2FydGljbGUvc3RyZWFtbGluaW5nLW1lZGljYWwtcHJhY3RpY2VzLXdpdGgtY2xpbmljYWwtbWFuYWdlbWVudC1zb2Z0d2FyZS-ACgHICwHaDBEKCxDQ3M-fgZnl2uoBEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0yMDg3MTI1MjA2MzQ0ODY5GACyGAkSAtVWGAEiAQA&sigh=7HZIMNwve_s&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7ff05cd4db8a20df0000000000000000%22,%222%22:%220x2a475a8a2752383d0000000000000000%22,%223%22:%220xc50967f8d3628d210000000000000000%22,%224%22:%220x8f3fc77570a527440000000000000000%22,%225%22:%220xfd6ab11b18ce5d460000000000000000%22},%22debug_key%22:%2210546115622439940765%22,%22debug_reporting%22:true,%22destination%22:%22https://aminery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210888281511%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227399402267143335777%22}&andc=true

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

89 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
advisor.samsungoneui.com/ 60 KB
11 KB 475ms
77ms Document
text/html 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d02f60038c8d4261a0d0c055c2b0cb04bbd6fc4454f3f869c1f4927d1f6cab3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8664dbcbffaf435b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 11:24:49 GMT
link: <https://advisor.samsungoneui.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imbSMpLTpjmdYrX6f9%2BoD2WgvG%2BjIZ%2BUacvaj0%2FxFz5%2F6ni0QE5%2BTj90mMuseTiEKOm%2FeSjXyLHQHf4mkCR4Y8Nz0wiawsyxorVpN93GNSgxp3TLkZTeRDWXgt9YH1TtjYKhZZAgJpYoBcU79FBHET6PjGV3eEQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 130ms
100ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2087125206344869

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d605aac3c171ffe64e211c71a46bd1f56916428db57aef1696e0a1add6a5d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Origin: https://advisor.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50811
x-xss-protection: 0
server: cafe
etag: 505495795936755344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 18 Mar 2024 11:24:50 GMT

GET
H2 200 style.min.css
advisor.samsungoneui.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 96ms
86ms Stylesheet
text/css 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae43-65ceda56-186fe9;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEpx3nWGZldH5MuDtGH8bVASUxv4%2BPzce0Hv9QxbdVJVDMUM5KhxS5W8022coyuNQwNe56Q22lA8FjLI3XZ%2BLBDApCWAltlO0dpR0HgrD2c62uuAv%2FnxuEyT3x%2FTugpEfxYlHM%2FlCV7T2JnG9Eq1tSDvRgwWSfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8664dbcc9825435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 fl-icons.css
advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/ 328 B
561 B 91ms
81ms Stylesheet
text/css 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"148-65cf16fa-516ff6;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rC6NTX4EuBEdkMP8%2BF2Wmg5X5w5C4a%2F9TAlMCFt1zTPXDAZLGZi4zuh4UDU%2Fh14Jb2YTAr34p9V0Gts7GkL2aP4Qw55cvmuRiydIy5y99UKzGByYUX4HeiMVr08S7fHkKOPGAbDRJjE8IdhMpGzvJWAXm%2BnehO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8664dbcc9826435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 flatsome.css
advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/ 143 KB
30 KB 128ms
118ms Stylesheet
text/css 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"23a2b-65cf16fa-516feb;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yT0dyNcco2ClB3JufasLvj2LNwPJEaoXd0Ci1r34dEKOAJKZjtMLRLEVy5AsGUS8HpkN1vV9GeJjs0OpIO6MLZaVJmd5xYztbv33bA8QoQGR42of3bgyzmWuUj6d%2BRxoocHIho0dLhVO5oudo5wLPkCU3iHCuCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8664dbcc9828435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 style.css
advisor.samsungoneui.com/wp-content/themes/flatsome/ 567 B
600 B 92ms
82ms Stylesheet
text/css 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/style.css?ver=3.12.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"237-65cf16fa-517060;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xS%2BwmGz7EkR0V2Hniw2H7uYTjOI7ht48HuU4%2FndtgLxcaisS%2BqJRfa1yxSAAq9cOMzciHTK8H6kXmYCWJRTefgJKfsNPEydJsYeN1weIPzGw%2FV6jkFVnft6QuY67Z7T7kHWKAWgZsy02xB5Q8F39gwDMtTmxVOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8664dbcc982a435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 59ms
29ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 10:49:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 11:24:50 GMT

GET
H2 200 jquery.min.js Show response
advisor.samsungoneui.com/wp-includes/js/jquery/ 86 KB
31 KB 138ms
131ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65ceda56-1871da;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DttVTpWo3gM7q1fQGV54tRODSugeeGME9uG8bVq9sodJGu7pKmIxTXfXcyJX%2FwzBZYCQWyDMGl4UxFqFlx8pVmrzkAwrxRlDphzGWn9QTzyOu7HqVCYWU0mZHfPdEidAAEdZxvMwI451m92pRYz3Zf53%2FwEAH38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbcc982b435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
advisor.samsungoneui.com/wp-includes/js/jquery/ 13 KB
5 KB 95ms
89ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65ceda56-18722a;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rpjp5Wa8UmyuNaGw6cpYqq076PFUfMalviI5b44omB3wUylJJpI8LBJF1WZK2t%2BXKRjGDG7j8bIV5AuR3zFyl6mArWbxKdFFCNP2zQazz1EApFI4BfvfoES8OrmF5X78NUbGewdjOo3RlipmAUuSNZm%2BWP7HQpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbcc982c435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 best-place-to-buy-measuring-tools.jpg
advisor.samsungoneui.com/wp-content/uploads/2024/02/ 42 KB
43 KB 156ms
150ms Image
image/jpeg 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advisor.samsungoneui.com/wp-content/uploads/2024/02/best-place-to-buy-measuring-tools.jpg
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de755c8dd48bba137d819e8440d032b8f5d6ca767bff28f9a9af3b731e87d501

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 09:32:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a8bb-65cf2bad-188945;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0wfCgZ71Qjaa%2FbfQKudhIg2tkVfgYA0j7twlNZCk7iDXFAEDYE3ab1Pl5S7taYVKxhC83f%2BQ%2BokqL5P4Bd6bPjBJSfA3odpMRAW6GoRbBzvX7NkuS0PQbKSFDUSstmPcRAWdpjqsBQsfVAP%2BGgvjT82te6h5mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8664dbcc982d435b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43195
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 business-advisor-company.jpg
advisor.samsungoneui.com/wp-content/uploads/2024/02/ 27 KB
28 KB 123ms
117ms Image
image/jpeg 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advisor.samsungoneui.com/wp-content/uploads/2024/02/business-advisor-company.jpg
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cabdd56dd979b98dd3cb5203c3eaf459b9b56593cb8164922f6379638b67bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 09:03:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6d78-65cf24e2-18890a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDpu36ms4Sqo6pyjgvHKAteLpsZu%2BrhR5Uqvox0UfIKbeK6B2xBIDp71vr4bgVWT0qUigM4XHK20voMEBaIsqtFXuHXfpr8FMWUAOhMcv%2FuXy%2FfzQCZz7Vh8r8AsVjt2xnPRBRcUj2AieiJsEhfwyyDwMD%2BGJCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8664dbcc982e435b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 28024
expires: Mon, 25 Mar 2024 11:24:49 GMT

GET
H2 200 where-to-buy-pex-plumbing-tools.jpg
advisor.samsungoneui.com/wp-content/uploads/2024/02/ 53 KB
53 KB 175ms
170ms Image
image/jpeg 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advisor.samsungoneui.com/wp-content/uploads/2024/02/where-to-buy-pex-plumbing-tools.jpg
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3fc9c307fa9a2c8b7e8c01b8846eefa4e20271ebe4f0897d6e871d6cf67304

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d22c-65cf20e3-1888d5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTqB1YnxK0vTsVYV%2BBOUNs%2BfkvrdKDF5HVC35haMKgUo1jWG%2FMbMIrsAEFd7lm%2FRjiWGXULx9MmUGbLCqB%2FB2d2Seu6ZhS2kXlszFECdzfImrGGCc9hfSIZHwAi4NjCjpRcrR02cMgnOZvVCyybewDP1F5k68KU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8664dbcc982f435b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 53804
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 email-decode.min.js Show response
advisor.samsungoneui.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 51ms
4ms Script
application/javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://advisor.samsungoneui.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f099fc-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCtCZ1fE92niheWuvHfkyyhMUTFEvXCDA%2B8bNVOGaG8kbomFNrZLEDc3XBGcwxif5Ly1cM2HcgAPC9Xw0z9Yc79jv%2FYSyNnOhvEC%2F2zv1TJsaDyGUkKr0e%2B5rlb0qyKGsMM7tuEaLjvpGIw%2B2dCxSpffHpxVzVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8664dbcd98e7435b-EWR
expires: Wed, 20 Mar 2024 11:24:50 GMT

GET
H2 200 flatsome-live-search.js Show response
advisor.samsungoneui.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
5 KB 104ms
67ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e04-65cf16f9-516a55;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCd%2FdtcoFZpKUJ4ByIE0S4J3YJ57kI1xY%2FwGp%2BfKVo4o%2B2NyM5cmOwjqB9f3sX3srNumIggE4HS9Si13uH7JZnU6cNuZZKwsyXpXIQNlcXHuVyE9vo9GW9WjMd38Qajgy8v6upYrT9cp9fLlNR8OnBlwaTxiLCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbcde97b435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 hoverIntent.min.js Show response
advisor.samsungoneui.com/wp-includes/js/ 1 KB
1 KB 120ms
74ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5db-65ceda56-18731c;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLlYE40iulVAG9lmcUPSTzVe%2BCLhjB8%2F0s8%2B2vEBorKQrMABjW5Qe%2BM2QF844%2FiFsVS2fBweinIQY6aw0rh2IxWJSMVrWd66%2FmTeQogo79814gAn3wfBqCYqqzCW6f4Ze5FLyvWYmbuNYkXQGa%2BLHBvsrUyViwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbce0992435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 flatsome.js Show response
advisor.samsungoneui.com/wp-content/themes/flatsome/assets/js/ 169 KB
51 KB 188ms
142ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a4c3-65cf16fa-516fff;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jN%2BLOEEBdN184lHp083N3WFDbm59u4EvbgHJ%2BwJ43kiy9t1ByWvRNFE4fCH76Ffih4n8McxKcB2Vq43hRXHtIqXVHkQ8K6EpiLUBnUCXetFtiMgbwi%2FIt7XCXADh43hZSzCBHrfxthurO65jIs%2Bt%2Fir3OxNKWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbce0994435b-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
BLOB 200
OK 2c41d801-2b14-4791-934e-68957ed516e1
https://advisor.samsungoneui.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://advisor.samsungoneui.com/2c41d801-2b14-4791-934e-68957ed516e1
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 64ms
0ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://advisor.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 09:03:58 GMT
x-content-type-options: nosniff
age: 440452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 09:03:58 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 63ms
0ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://advisor.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:43:36 GMT
x-content-type-options: nosniff
age: 398474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:43:36 GMT

GET
H2 200 fl-icons.woff2
advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/icons/ 6 KB
7 KB 98ms
67ms Font
font/woff2 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

Referer: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Origin: https://advisor.samsungoneui.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1988-65cf16fa-516fe8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nw%2B6yYXLRw9wjpsnc%2B8jQ8Ms2jsFKVMiZyM7MyqxlGjV4o4tBL%2FCOvQWviKGXKORp8IME4xRMYGg0YvMJts%2BYT%2BqtXkRd%2FAMjmJVtOnXDIfmQrHv43iePYLN5LuXuziRZOqfhNTReajN5dba0xkzx7noBgP8rFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8664dbce19a7435b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 6536
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 hot-tub-plumbing-tools.jpg
advisor.samsungoneui.com/wp-content/uploads/2024/02/ 51 KB
51 KB 165ms
137ms Image
image/jpeg 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advisor.samsungoneui.com/wp-content/uploads/2024/02/hot-tub-plumbing-tools.jpg
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a0989edcc761ce4fbfb2900517b55b48d922781bec302a9349393f84c37363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 08:37:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cb0b-65cf1ebe-188897;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnVP%2BtynQg2v1pJ3G3hlD9dlqstWlDZyrkUHDhPDmYasCGaufizUNWeM4Rs7%2BG5xgxFfzC8EGhmhH5RDt0tclxAC29hldREyOTvvmtUaA6GpgYCmiyN5gw3zQUer2NIzfcOOoV1Y7l6bZpeNGdCtTqcpirsJJKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8664dbce49bd435b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 51979
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 405 KB
138 KB 142ms
90ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2087125206344869

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c24812b57ca05b6ad7e7bae77dc988219c5d0e300f4c2441dc8f317e93cadb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140955
x-xss-protection: 0
server: cafe
etag: 3370631535919254095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:24:50 GMT

GET
H3 200 wp-emoji-release.min.js Show response
advisor.samsungoneui.com/wp-includes/js/ 18 KB
5 KB 93ms
88ms Script
application/x-javascript 2606:4700:3037::6815:1994
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advisor.samsungoneui.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-65ceda56-1871af;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCBkzwvcr3jvb24RPeEdRgvu2q7ZjeVsdt3J8b0ibYdamk5bmSUg5VC4duWV6YdG5dIavjIMnwQisohmPbqCgNWB%2FcqBFKJtCDGU%2F5WF0DERRxUI4n0G1f88wqhrJeXIV12gVo4SQNh9uz4xKxjub0cQJyT0Mdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8664dbcf6bac0f73-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Mar 2024 11:24:50 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5C7 687 KB
117 KB 759ms
739ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2087125206344869&output=html&adk=1812271804&adf=3025194257&lmt=1710761090&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fadvisor.samsungoneui.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710761090331&bpp=7&bdt=336&idt=402&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=951732437391&frm=20&pv=2&ga_vid=1874334253.1710761091&ga_sid=1710761091&ga_hid=1809046787&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326317%2C95327950%2C95327955%2C95321963%2C95322398%2C95325785&oid=2&pvsid=1352787815965315&tmod=1937541688&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=435

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02d37a64188244eb330571432b0c343cd6a26028402550d789b44bf3b7322e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 118964
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 11:24:51 GMT
expires: Mon, 18 Mar 2024 11:24:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 124ms
70ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1cab60edf12e7afbd01c88dbd984900cf179f4ed83bf9fd99d74e3987decdf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12432
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 166 KB
56 KB 97ms
85ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc25be167800b6450dfb024fd3f885ad88a8a7a9ed7115ff53be522ff91946d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: cafe
etag: 8245271108359714130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:24:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame FF3D 9 KB
4 KB 36ms
0ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 19:52:50 GMT
etag: 5035419970550746386
expires: Sun, 31 Mar 2024 19:52:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 2915 9 KB
4 KB 34ms
14ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 19:52:50 GMT
etag: 5035419970550746386
expires: Sun, 31 Mar 2024 19:52:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 8DF4 9 KB
4 KB 40ms
21ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 19:52:50 GMT
etag: 5035419970550746386
expires: Sun, 31 Mar 2024 19:52:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 44E9 9 KB
4 KB 37ms
20ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 19:52:50 GMT
etag: 5035419970550746386
expires: Sun, 31 Mar 2024 19:52:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 87ms
18ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 11:24:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0535 2 KB
587 B 49ms
18ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 11:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 10:16:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 11:24:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 0535 2 KB
875 B 34ms
0ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 0535 23 KB
9 KB 33ms
0ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 0535 3 KB
1 KB 34ms
0ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 0535 20 KB
8 KB 30ms
0ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0535 208 KB
63 KB 40ms
31ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:36:58 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 0535 36 KB
15 KB 86ms
6ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 21:11:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame FF3D 15 KB
6 KB 51ms
5ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6460
x-xss-protection: 0
server: cafe
etag: 5807243554008179978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF3D 205 B
296 B 62ms
5ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:53:42 GMT
x-content-type-options: nosniff
age: 397870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Mar 2025 20:53:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FF3D 604 B
1 KB 61ms
4ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:52:19 GMT
x-content-type-options: nosniff
age: 397953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Mar 2025 20:52:19 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame FF3D 22 KB
9 KB 44ms
24ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
server: cafe
etag: 3566326672948847535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2915 14 KB
1 KB 46ms
41ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 11:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 10:01:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 11:24:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 2915 2 KB
822 B 23ms
22ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 2915 23 KB
9 KB 40ms
28ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 2915 3 KB
1 KB 39ms
27ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 2915 20 KB
8 KB 38ms
26ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2915 208 KB
63 KB 40ms
28ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:36:58 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 2915 36 KB
15 KB 27ms
12ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 21:11:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 8DF4 2 KB
822 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 8DF4 23 KB
9 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 8DF4 3 KB
1 KB 24ms
15ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 8DF4 20 KB
8 KB 28ms
17ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8DF4 208 KB
63 KB 38ms
30ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:36:58 GMT

GET
H3 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 8DF4 36 KB
15 KB 31ms
23ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 21:11:28 GMT

GET
H3 200 6e6bd83b1ab90baf29df14fe71898cfa.js Show response
www.gstatic.com/mysidia/ Frame 44E9 9 KB
4 KB 41ms
27ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6e6bd83b1ab90baf29df14fe71898cfa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 20:55:52 GMT

GET
H3 200 28ac136d23e320f0ea96c52bdea5c3fe.js Show response
www.gstatic.com/mysidia/ Frame 44E9 11 KB
5 KB 38ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28ac136d23e320f0ea96c52bdea5c3fe.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837931d8e29264b164889ae52f00fb11c2d89404f45f97906e5c4e78bf7c3c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4621
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 21:04:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 44E9 14 KB
1 KB 50ms
37ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 11:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 10:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 11:24:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 44E9 2 KB
822 B 26ms
19ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 44E9 23 KB
9 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 44E9 3 KB
1 KB 51ms
35ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 44E9 20 KB
8 KB 35ms
23ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 44E9 208 KB
63 KB 55ms
43ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:36:58 GMT

GET
H3 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 44E9 36 KB
15 KB 49ms
34ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 21:11:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A05 13 KB
5 KB 34ms
19ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 315668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 19:43:44 GMT
expires: Fri, 14 Mar 2025 19:43:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EAB6 829 B
1 KB 123ms
18ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f96be729a22517b04fdbf23704f3653baf7150df9db7448647c9b033eafcb80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Om9qjl3z-5xG0CQrY8W-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://advisor.samsungoneui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6Om9qjl3z-5xG0CQrY8W-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 11:24:52 GMT
expires: Mon, 18 Mar 2024 11:24:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3031 52 KB
20 KB 49ms
28ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20181
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:09:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18412150586895681112/ Frame 2915 20 KB
20 KB 31ms
22ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18412150586895681112/14763004658117789537?w=400&h=209&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03d72a3d243c0fc30f3e56a908417b1103ebf940269a3f5dc3ec1da2397eb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 16 Mar 2025 10:00:03 GMT
date: Sat, 16 Mar 2024 10:00:03 GMT
x-content-type-options: nosniff
age: 177889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20120
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 18:47:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 2915 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 283f52f59207debd850eb20d02f82f299f1b2f2a8aa10341b54aca4dd7cef4cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2915 33 KB
33 KB 25ms
12ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:51:34 GMT
x-content-type-options: nosniff
age: 441198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:51:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2198 143 B
166 B 20ms
8ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 10:55:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 18384362262189894487
tpc.googlesyndication.com/daca_images/simgad/ Frame 8DF4 29 KB
29 KB 22ms
21ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18384362262189894487?w=360&h=720&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b5d5aa86f8c3b274e0b6d3645d6bedea3d48d87c1374d739e316e5abd10afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 24 Mar 2024 13:47:27 GMT
date: Sun, 17 Mar 2024 13:47:27 GMT
x-content-type-options: nosniff
age: 77845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29933
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 15:36:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8DF4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e08fc57aac7b3f88ecdcaeb1b1c5400086bed980883d808ed3e34fab9ca9c1c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B38 52 KB
20 KB 12ms
12ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20181
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:09:21 GMT

GET
DATA 200
OK truncated
/ Frame 44E9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f06fa333d76c0cf376e429830334b37d6000d5607ad8f66cd3fc19716ee30775

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2915
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CE-2CgiT4ZfPbMYKjoPMPs6q76Am6ovWgdryVqLHWEN6UyIqMDhABIMqx_k1gycapi8Ck2A-gAfXrjvkCyAEJqAMByAPLBKoEmgJP0F6XOmyf0q_7_VC2KgwWE5MMSBAo0I9f15egk5JjG-g...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8ecab00f61dd36040000000000000000%22,%222%22:%220x6c8e69364a7215970000000000000000%22,%223%22:%220x8cd6aa...

0
0

88ms
65ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8ecab00f61dd36040000000000000000%22,%222%22:%220x6c8e69364a7215970000000000000000%22,%223%22:%220x8cd6aa1f212fd3380000000000000000%22,%224%22:%220xb8a8eb58c5850d090000000000000000%22,%225%22:%220x227342cc6a540e820000000000000000%22},%22debug_key%22:%229227286902807925145%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790869493%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216582963923223529265%22}&andc=true

Protocol

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x8ecab00f61dd36040000000000000000","2":"0x6c8e69364a7215970000000000000000","3":"0x8cd6aa1f212fd3380000000000000000","4":"0xb8a8eb58c5850d090000000000000000","5":"0x227342cc6a540e820000000000000000"},"debug_key":"9227286902807925145","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790869493"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"16582963923223529265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Mar 2024 11:24:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Mar 2024 11:24:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8ecab00f61dd36040000000000000000","2":"0x6c8e69364a7215970000000000000000","3":"0x8cd6aa1f212fd3380000000000000000","4":"0xb8a8eb58c5850d090000000000000000","5":"0x227342cc6a540e820000000000000000"},"debug_key":"9227286902807925145","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790869493"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"16582963923223529265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A05 40 KB
15 KB 7ms
7ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 316075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 19:36:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EAB6 0
0 75ms
74ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=1352787815965315&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EDD4 52 KB
20 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js

Requested by

Host: advisor.samsungoneui.com
URL: https://advisor.samsungoneui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20181
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:09:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8DF4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRYC-giT4ZfTbMYKjoPMPs6q76Am2vYCQdu7N6YfKEsCNtwEQASDKsf5NYMnGqYvApNgPoAG7moKqPcgBAagDAcgDywSqBKICT9BIQloDWp6wes_bjcMDIZF3QTxF7CrJR5wpGZPetFwcI8E...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65c6e5415b41e01c0000000000000000%22,%222%22:%220xd7a07ba1f7add52f0000000000000000%22,%223%22:%220xd7b20a...

0
0

85ms
64ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65c6e5415b41e01c0000000000000000%22,%222%22:%220xd7a07ba1f7add52f0000000000000000%22,%223%22:%220xd7b20a920b7eb0d70000000000000000%22,%224%22:%220xa76705a10e2370fb0000000000000000%22,%225%22:%220x1a8146d5a867ffa80000000000000000%22},%22debug_key%22:%227944781182098146528%22,%22debug_reporting%22:true,%22destination%22:%22https://amnetsystems.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216462679355%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214536790215213456209%22}&andc=true

Protocol

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x65c6e5415b41e01c0000000000000000","2":"0xd7a07ba1f7add52f0000000000000000","3":"0xd7b20a920b7eb0d70000000000000000","4":"0xa76705a10e2370fb0000000000000000","5":"0x1a8146d5a867ffa80000000000000000"},"debug_key":"7944781182098146528","debug_reporting":true,"destination":"https://amnetsystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16462679355"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"14536790215213456209"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Mar 2024 11:24:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Mar 2024 11:24:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x65c6e5415b41e01c0000000000000000","2":"0xd7a07ba1f7add52f0000000000000000","3":"0xd7b20a920b7eb0d70000000000000000","4":"0xa76705a10e2370fb0000000000000000","5":"0x1a8146d5a867ffa80000000000000000"},"debug_key":"7944781182098146528","debug_reporting":true,"destination":"https://amnetsystems.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16462679355"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"14536790215213456209"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 44E9 33 KB
33 KB 13ms
11ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:51:34 GMT
x-content-type-options: nosniff
age: 441198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:51:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 127ms
62ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 11:24:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
62ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 11:24:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 44E9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CgAAZgiT4ZfXbMYKjoPMPs6q76AnksLG6drLghYfTEo2z_MmVDhABIMqx_k1gycapi8Ck2A-gAaf798coyAEBqAMByAPLBKoEkgJP0HP_FwLq02gevhQQzbl5eWpXKenWwsiMjeDj6PAuMJ2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7ff05cd4db8a20df0000000000000000%22,%222%22:%220x2a475a8a2752383d0000000000000000%22,%223%22:%220xc50967...

0
0

64ms
63ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7ff05cd4db8a20df0000000000000000%22,%222%22:%220x2a475a8a2752383d0000000000000000%22,%223%22:%220xc50967f8d3628d210000000000000000%22,%224%22:%220x8f3fc77570a527440000000000000000%22,%225%22:%220xfd6ab11b18ce5d460000000000000000%22},%22debug_key%22:%2210546115622439940765%22,%22debug_reporting%22:true,%22destination%22:%22https://aminery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210888281511%22],%2222%22:[%22true%22],%224%22:[%2203-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227399402267143335777%22}&andc=true

Protocol

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7ff05cd4db8a20df0000000000000000","2":"0x2a475a8a2752383d0000000000000000","3":"0xc50967f8d3628d210000000000000000","4":"0x8f3fc77570a527440000000000000000","5":"0xfd6ab11b18ce5d460000000000000000"},"debug_key":"10546115622439940765","debug_reporting":true,"destination":"https://aminery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10888281511"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"7399402267143335777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Mar 2024 11:24:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Mar 2024 11:24:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7ff05cd4db8a20df0000000000000000","2":"0x2a475a8a2752383d0000000000000000","3":"0xc50967f8d3628d210000000000000000","4":"0x8f3fc77570a527440000000000000000","5":"0xfd6ab11b18ce5d460000000000000000"},"debug_key":"10546115622439940765","debug_reporting":true,"destination":"https://aminery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10888281511"],"22":["true"],"4":["03-18"],"6":["true"]},"priority":"500","source_event_id":"7399402267143335777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2198
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
38ms

Document
text/html

2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 11:24:52 GMT
expires: Mon, 18 Mar 2024 11:24:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 11:24:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B82C 52 KB
20 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20181
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:09:21 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
64ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 11:24:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9A05 0
10 B 3ms
3ms Image
text/plain 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t0yirw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 11:24:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2915 42 B
64 B 67ms
66ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtBOD-YdqZHmSlNi868kNiNouQhlk0kPiuhCNonfKwADk_-ZKRjBqkgodLOBaHYNId3KhqcAEe-CPTTwAtl2-XLKA5M7E8daDvvrRl0A3TNUXLscVwYFGsHfDtT093O3N4eYhDegvXVSgxvbOT-2CrXUtJpHLLsHg&sai=AMfl-YR0sdLdlyZTSeq1HZrIvJjCLzD9XC-3ezNNRATd66FLQmaBYM714u3fHOSXyHvEPxc6Ik38YDwrp2qOUREaxpy7ir4B3K_wH4puoM1EZ-FbxAPRotKzvAR02Lr-nglYsk_dckQ4frr_bg7iawPJ&sig=Cg0ArKJSzENzsP1I8q-jEAE&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669389200&rst=1710761091861&rpt=590&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 11:24:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8DF4 42 B
64 B 68ms
68ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5FKWWKU-Zt4kfEpc1ouaIbHKCxlpLJXSmkYR0yPCsVt_7o3m0_hkFGbr3dfJACEoxLOWb5sKc6A6028k8_X2X715QeJFf6FXHl8j6IWvudhRpmuNc2RMxx-14UPKQdajrTsPJ-W_dlHv5fxfFiJGt1JXEJLQziNI&sai=AMfl-YRX8qousR7YkyivCEbFeOqbaC8CrVCoBlMXct0Q0hS_FkzPYjDlosMIuFtRLAOCAEK98K5SAPbyyUDW4zQ3yJneqr7vdTKPFYQnkC2EcsvaWo7bGWzCIyDZ2j-P7JElSZw25_q8xK7UbcB1B1cx&sig=Cg0ArKJSzG3Vw1VOLPXFEAE&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&id=lidar2&mcvt=1004&p=-50,0,450,200&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669389200&rst=1710761091865&rpt=638&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 11:24:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
69ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=1352787815965315&bg=!j4yljMPNAAY_ejuoH3o7ADQBe5WfOCuOA_NFtT1WTXWCuUhwtWJWd4ZfJIQlkEoijcKGdeRKS02uEMtP5m2jFnpSHG5tAgAAAeBSAAAAC2gBBwoACnQ3DqtH5-8X6SmZAsynRqhe0TDLgmvZKv8ZdKzDwKYZdtcTGWkv-fqPH_gLqLazLgXP5-pgP69Mcpd46CoMVWnDfKYQhXxltferJRORC5uU_4UzJ51iKqBLm_8N6gLOuCy88OyfUi-XaWRONJCNm1yXymhWtOyWjE1AjUzOPXZxFDW1c-iONkfML-hYnYq_gsjHumjw4W-L548i6iZKoue1B_Iy284_Ld3hnbsju9UnzW4WQ8RH7hU_c2fyYKMz5_XlbigWDaDj02WfCYk8m6JeP8xMv-W9XXiUJk_-xkUaLPgiw0x7zopqaNAK02iALyDbhba91nKW8WQpPGVLhUuvEkbNmowAaBvk6t0dcT3wzmHw_HYYSyde-1ht7QlJXqfgrSXfZM9lc_VBqBtTcfjaAY5HcTxsJrquCPN2ygmJWxFCC4DPfsEZd-o9KjRAnuP6tzIb8jo6mSXZNZjqhPZZppRJWXe36ycXCNDhOtxFZBNckaWlGDLqN1t0UqvRvSas_dw7KXRtf0RedN7WC8aFyVl9QH2R994X9T5CoB4ku3HRKuT202V1bciOXRgnuuNxX_TQWkk4bx6bpPruDbJj9JjJS-AYC3mzYp63t1MxDS1MyKhPFVogyUVFOfGHqKaotOTZ16y6MtgrQeN3qJHj7VBxcSdp7JGb5hMXbLP1V07xPHHUQj-ZsqzQF1g9h-5zOyb44Ryo_Rqc2BknNkaE3Qhe4nWgOoMqB78E2-GOE9ObZLrjEE2GBucG8L9gZ_vNjNekUh4LgFLbfk-PhLXF6PES4Xv46fFs2zChRP-1HMF1zZ_haBDeDGTdOscITgFwhiDIgSmu_HNjjbtd6iLLgOLVRyicl05q61n_8Hta4phuNATuQZ8QryiEoP4vmQNXJfOs1Rzw0LCTpn0l-4BzAvfFVRhN_yIxKpM_ivmmqSz7SufVeBRVolr58GYmsarWzPlSfOI8IQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://advisor.samsungoneui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44E9 42 B
64 B 76ms
75ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV-Xoa8ZUA_HRqQ6iNplGWmSjEcmovgYvSeHtDmpR8ReO4wijWsa0JBDQ57k_kR2GZTFGTtcX80TZ1KUDrF9CmzzdGRcfKXejI9MOYpUKbo-LW1-hEV7up4ybmReOd5r6TGoNtJ3o4HNlkHchuVpH8ln0awasXAHo&sai=AMfl-YTFeYo5OvM6MkkMlThGm80URBxBmzMKnzC6sdtijNVL4xtCE7wr7IabRAhkr8gj07PBNxStal8jXggy8ZHkLjw8YDGauksq4ZMAC3QQbDr52NQyVzz1U9fx3rUOeq1542en-sdno0QIqeeP3eQG&sig=Cg0ArKJSzPPty08u5o2xEAE&cid=CAQSTgB7FLtqtpaEgtrocj2hYnBLad_gvyagVMb95WGFAUNjrWfOZXL-4xccKpUOvBGpbYVxyVM2Z-9f75xCNojX6eCSBtoxD4bi4XDMzb3FdhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=756,1000,1000,1000,1000&tos=756,244,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669389200&rst=1710761091867&rpt=968&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 11:24:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.samsungoneui.com/	1970-01-21 04:34:17	Name: __gads Value: ID=226ef32cb5f00de5:T=1710761090:RT=1710761090:S=ALNI_Mbl3OfsEou17dPqjFm_OqL31bRP3g
.samsungoneui.com/	1970-01-21 04:34:17	Name: __gpi Value: UID=00000dd36f703a20:T=1710761090:RT=1710761090:S=ALNI_MZQHGoQb7SVcZe4BqNntLKlLuLuCA
.samsungoneui.com/	1970-01-20 23:31:53	Name: __eoi Value: ID=3a1bfd88e6c61e93:T=1710761090:RT=1710761090:S=AA-AfjaFmZaG1K-jsguufhKkggHh
.doubleclick.net/	1970-01-21 04:48:41	Name: IDE Value: AHWqTUleITYt541hiFvArCSfIpvgcqx2XqXL7SdVhe66sJj9URXG-LJ-sP7-WeSsUiM
.doubleclick.net/	1970-01-20 19:12:44	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 21:22:17	Name: ar_debug Value: 1

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://advisor.samsungoneui.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1(Line 70) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://advisor.samsungoneui.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advisor.samsungoneui.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.80.34
2606:4700:3037::6815:1994
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02d37a64188244eb330571432b0c343cd6a26028402550d789b44bf3b7322e5c
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
283f52f59207debd850eb20d02f82f299f1b2f2a8aa10341b54aca4dd7cef4cd
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19
4d02f60038c8d4261a0d0c055c2b0cb04bbd6fc4454f3f869c1f4927d1f6cab3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e08fc57aac7b3f88ecdcaeb1b1c5400086bed980883d808ed3e34fab9ca9c1c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d605aac3c171ffe64e211c71a46bd1f56916428db57aef1696e0a1add6a5d0d
5f96be729a22517b04fdbf23704f3653baf7150df9db7448647c9b033eafcb80
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
6c24812b57ca05b6ad7e7bae77dc988219c5d0e300f4c2441dc8f317e93cadb3
777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184
7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a
7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f
837931d8e29264b164889ae52f00fb11c2d89404f45f97906e5c4e78bf7c3c38
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91cabdd56dd979b98dd3cb5203c3eaf459b9b56593cb8164922f6379638b67bd
93a0989edcc761ce4fbfb2900517b55b48d922781bec302a9349393f84c37363
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aa3fc9c307fa9a2c8b7e8c01b8846eefa4e20271ebe4f0897d6e871d6cf67304
b03d72a3d243c0fc30f3e56a908417b1103ebf940269a3f5dc3ec1da2397eb73
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d9b5d5aa86f8c3b274e0b6d3645d6bedea3d48d87c1374d739e316e5abd10afc
dc25be167800b6450dfb024fd3f885ad88a8a7a9ed7115ff53be522ff91946d8
de755c8dd48bba137d819e8440d032b8f5d6ca767bff28f9a9af3b731e87d501
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e1cab60edf12e7afbd01c88dbd984900cf179f4ed83bf9fd99d74e3987decdf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06fa333d76c0cf376e429830334b37d6000d5607ad8f66cd3fc19716ee30775
f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca
fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

advisor.samsungoneui.com Open in urlscan Pro 2606:4700:3037::6815:1994 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

89 %IPv6

7 Domains

9 Subdomains

10 IPs

1 Countries

1413 kBTransfer

3941 kBSize

6 Cookies

1 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

advisor.samsungoneui.com Open in urlscan Pro
2606:4700:3037::6815:1994 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

1413 kB
Transfer

3941 kB
Size

6
Cookies

89 HTTP transactions
3 data transactions